urlscan.io logo urlscan.io
SecurityTrails logo

braincandy.net Open in urlscan Pro
67.229.238.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://braincandy.net/
Effective URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Submission: On October 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 107 IPs in 14 countries across 89 domains to perform 377 HTTP transactions. The main IP is 67.229.238.21, located in United States and belongs to EVOCATIVE-GLOBAL, US. The main domain is braincandy.net. The Cisco Umbrella rank of the primary domain is 382415.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 3rd 2023. Valid for: a year.
This is the only time braincandy.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 67.229.238.21 4213 (EVOCATIVE...)
11 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
18 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42::649 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
2 23.60.206.246 16625 (AKAMAI-AS)
1 143.204.98.105 16509 (AMAZON-02)
1 67.229.238.34 4213 (EVOCATIVE...)
2 23.35.237.86 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 50.31.142.223 22075 (AS-OUTBRAIN)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:c00... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.130.137 54113 (FASTLY)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 35.173.102.74 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.194.132 54113 (FASTLY)
1 18.66.97.41 16509 (AMAZON-02)
5 108.138.7.47 16509 (AMAZON-02)
1 18.66.112.47 16509 (AMAZON-02)
3 3.230.86.123 14618 (AMAZON-AES)
27 23.53.42.130 20940 (AKAMAI-ASN1)
4 2a02:2638:d::a 44788 (ASN-CRITE...)
4 3.125.58.108 16509 (AMAZON-02)
5 12 37.252.171.149 29990 (ASN-APPNEX)
2 7 104.18.26.193 13335 (CLOUDFLAR...)
3 108.138.17.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 52.205.187.77 14618 (AMAZON-AES)
1 3.234.2.218 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 23.35.236.201 16625 (AKAMAI-AS)
1 1 23.201.255.110 16625 (AKAMAI-AS)
2 23.52.120.246 16625 (AKAMAI-AS)
4 5 193.108.153.5 20940 (AKAMAI-ASN1)
1 81.17.55.171 60781 (LEASEWEB-...)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 50.17.233.50 14618 (AMAZON-AES)
5 5 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 216.52.2.6 32475 (SINGLEHOP...)
6 23.82.15.159 30633 (LEASEWEB-...)
1 3.210.64.86 14618 (AMAZON-AES)
4 5 2a00:1450:400... 15169 (GOOGLE)
3 3.223.59.142 14618 (AMAZON-AES)
1 2 52.46.143.56 16509 (AMAZON-02)
9 9 142.250.185.130 15169 (GOOGLE)
8 104.18.27.193 13335 (CLOUDFLAR...)
6 35.71.131.137 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
3 173.231.180.197 32475 (SINGLEHOP...)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
2 178.250.7.11 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 52.94.222.140 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
18 198.47.127.205 3257 (GTT-BACKB...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 18.158.97.142 16509 (AMAZON-02)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
2 2 54.198.183.8 14618 (AMAZON-AES)
1 1 70.42.32.191 13789 (INTERNAP-...)
1 2 151.101.2.49 54113 (FASTLY)
5 6 52.208.23.16 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.138.153 201081 (SMARTADSE...)
1 1 35.214.228.230 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.141 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 3 63.35.30.113 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.44.10.91 14618 (AMAZON-AES)
3 4 37.157.4.28 198622 (ADFORM)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 1 18.134.84.21 16509 (AMAZON-02)
1 151.101.66.132 54113 (FASTLY)
2 162.19.138.119 16276 (OVH)
3 162.19.138.118 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.34 15169 (GOOGLE)
1 3.220.21.116 14618 (AMAZON-AES)
2 23.82.15.161 30633 (LEASEWEB-...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 54.165.244.88 14618 (AMAZON-AES)
2 44.198.14.39 14618 (AMAZON-AES)
1 3.215.243.137 14618 (AMAZON-AES)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 76.223.111.18 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 2 34.254.70.163 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.88.86.2 24940 (HETZNER-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 51.222.80.231 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 69.173.144.137 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
377 107
19    67.229.238.21 (United States)

ASN4213 (EVOCATIVE-GLOBAL, US)
PTR: 67.229.238.21.STATIC.KRYPT.COM
braincandy.net
cloud1.braincandy.net
11    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
18    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pubads.g.doubleclick.net
3    2600:9000:225e:3000:19:b6f1:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)
dn0qt3r0xannq.cloudfront.net
13    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:223c:ac00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    23.60.206.246 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-206-246.deploy.static.akamaitechnologies.com
cdn.playbuzz.com
1    143.204.98.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net
launcher.spot.im
1    67.229.238.34 (United States)

ASN4213 (EVOCATIVE-GLOBAL, US)
PTR: 67.229.238.34.STATIC.KRYPT.COM
cdn2.triviatoday.com
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
2    50.31.142.223 (Hickory Hills, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
tr.outbrain.com
2    2606:4700:10::6816:3c77 (United States)

ASN13335 (CLOUDFLARENET, US)
edge.aditude.io
1    2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
mcd-sdk.playbuzz.com
stream.playbuzz.com
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:1f18:730:b110:29c6:1e04:f1b2:383c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    35.173.102.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-102-74.compute-1.amazonaws.com
rp4.liadm.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
embed.playbuzz.com
pixel.ex.co
ads.playbuzz.com
1    18.66.97.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-41.fra56.r.cloudfront.net
direct-events-collector.spot.im
5    108.138.7.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-47.fra56.r.cloudfront.net
static-cdn.spot.im
1    18.66.112.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-47.fra56.r.cloudfront.net
publisher-assets.spot.im
3    3.230.86.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-86-123.compute-1.amazonaws.com
collector.ex.co
27    23.53.42.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-130.deploy.static.akamaitechnologies.com
mcd.ex.co
cdn.ex.co
static.ex.co
img.ex.co
4    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    3.125.58.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-58-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
12    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
7    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    108.138.17.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-121.fra56.r.cloudfront.net
api-2-0.spot.im
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com
cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com
8    52.205.187.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-187-77.compute-1.amazonaws.com
sync.ex.co
1    3.234.2.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-2-218.compute-1.amazonaws.com
i.liadm.com
1    2600:9000:211e:200:1e:cbf7:e640:93a1 (United States)

ASN16509 (AMAZON-02, US)
sli.braincandy.net
15    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
21    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    193.108.153.5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-5.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    50.17.233.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-233-50.compute-1.amazonaws.com
vop.sundaysky.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    216.52.2.6 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    23.82.15.159 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-114.channelexco.com
1    3.210.64.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-64-86.compute-1.amazonaws.com
gpv.ex.co
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    3.223.59.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-59-142.compute-1.amazonaws.com
prd-collector-platform.ex.co
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
8    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
htlb.casalemedia.com
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550a:b341:11f2:35f0:bbbb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
18    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
1    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    18.158.97.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-97-142.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    54.198.183.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-183-8.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    52.208.23.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    35.214.228.230 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 230.228.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.141 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
3    63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.44.10.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-10-91.compute-1.amazonaws.com
a.audrte.com
4    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3602:d271:299f:5c6e:4925 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    18.134.84.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-21.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
embed.ex.co
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
6    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googleadservices.com
1    3.220.21.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-21-116.compute-1.amazonaws.com
idx.liadm.com
2    23.82.15.161 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
2    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
4    54.165.244.88 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-244-88.compute-1.amazonaws.com
prd-collector-anon.playbuzz.com
2    44.198.14.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-14-39.compute-1.amazonaws.com
track1.aniview.com
1    3.215.243.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-243-137.compute-1.amazonaws.com
go1.aniview.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    34.254.70.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-70-163.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
3    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
46 ex.co
player.ex.co — Cisco Umbrella Rank: 11519
collector.ex.co — Cisco Umbrella Rank: 11449
mcd.ex.co — Cisco Umbrella Rank: 18553
cdn.ex.co — Cisco Umbrella Rank: 12188
sync.ex.co — Cisco Umbrella Rank: 13028
gpv.ex.co — Cisco Umbrella Rank: 13054
static.ex.co — Cisco Umbrella Rank: 103040
prd-collector-platform.ex.co — Cisco Umbrella Rank: 159944
pixel.ex.co — Cisco Umbrella Rank: 174829
embed.ex.co — Cisco Umbrella Rank: 186141
img.ex.co — Cisco Umbrella Rank: 275459
3 MB
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com
491 KB
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
427 KB
25 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage2.pubmatic.com — Cisco Umbrella Rank: 959
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
33 KB
24 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
ajax.googleapis.com — Cisco Umbrella Rank: 405
imasdk.googleapis.com — Cisco Umbrella Rank: 498
499 KB
20 braincandy.net
braincandy.net — Cisco Umbrella Rank: 382415
cloud1.braincandy.net
sli.braincandy.net — Cisco Umbrella Rank: 491505
301 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
310 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
9 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
25 KB
13 playbuzz.com
cdn.playbuzz.com — Cisco Umbrella Rank: 37538
mcd-sdk.playbuzz.com — Cisco Umbrella Rank: 147720
embed.playbuzz.com — Cisco Umbrella Rank: 114953
ads.playbuzz.com — Cisco Umbrella Rank: 304814
stream.playbuzz.com — Cisco Umbrella Rank: 109972
prd-collector-anon.playbuzz.com — Cisco Umbrella Rank: 219112
251 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com Failed
162 KB
11 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5437
direct-events-collector.spot.im — Cisco Umbrella Rank: 4619
static-cdn.spot.im — Cisco Umbrella Rank: 4570
publisher-assets.spot.im — Cisco Umbrella Rank: 4831
api-2-0.spot.im — Cisco Umbrella Rank: 2824
98 KB
11 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
440 KB
8 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 13122
s-114.channelexco.com — Cisco Umbrella Rank: 89299
e.channelexco.com — Cisco Umbrella Rank: 12312
17 KB
7 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3307
rp.liadm.com — Cisco Umbrella Rank: 1727
rp4.liadm.com — Cisco Umbrella Rank: 6196
i.liadm.com — Cisco Umbrella Rank: 617
i6.liadm.com — Cisco Umbrella Rank: 3258
idx.liadm.com — Cisco Umbrella Rank: 2639
19 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
1 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
dis.criteo.com — Cisco Umbrella Rank: 648
1 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2378
track1.aniview.com — Cisco Umbrella Rank: 2622
go1.aniview.com — Cisco Umbrella Rank: 6508
143 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
4 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
13 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19201
pixel.onaudience.com — Cisco Umbrella Rank: 3315
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
3 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3400
tr.outbrain.com — Cisco Umbrella Rank: 3137
wave.outbrain.com — Cisco Umbrella Rank: 3380
9 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
120 B
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
spl.zeotap.com — Cisco Umbrella Rank: 3127
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
125 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
899 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
942 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
1 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
844 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
606 B
3 cloudfront.net
dn0qt3r0xannq.cloudfront.net
57 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
147 KB
3 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3599
13 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 31389
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
547 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
773 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
2 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3932
1 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 739
670 B
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1818
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
837 B
2 aditude.io
edge.aditude.io — Cisco Umbrella Rank: 14553
103 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 925
120 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
17 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
736 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1168
252 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613
464 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7788
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 18782
244 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
595 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
104 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31844
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6854
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
369 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
793 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
227 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
664 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
379 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
590 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1031
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
277 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
489 B
1 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2759
365 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
81 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1649
568 B
1 triviatoday.com
cdn2.triviatoday.com — Cisco Umbrella Rank: 357664
432 B
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
377 89
Domain Requested by
21 tpc.googlesyndication.com braincandy.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
18 fonts.googleapis.com braincandy.net
client
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
18 braincandy.net braincandy.net
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 pagead2.googlesyndication.com braincandy.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
12 mcd.ex.co braincandy.net
cdn.ex.co
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
braincandy.net
static.ex.co
11 connect.facebook.net connect.facebook.net
braincandy.net
10 simage2.pubmatic.com ads.pubmatic.com
braincandy.net
10 ib.adnxs.com 3 redirects edge.aditude.io
acdn.adnxs.com
cdn.ex.co
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
braincandy.net
googleads.g.doubleclick.net
9 cm.g.doubleclick.net 9 redirects
8 image2.pubmatic.com ads.pubmatic.com
8 static.ex.co embed.playbuzz.com
static.ex.co
8 sync.ex.co cdn.ex.co
braincandy.net
ssum-sec.casalemedia.com
ads.pubmatic.com
ads.stickyadstv.com
6 www.gstatic.com googleads.g.doubleclick.net
6 match.prod.bidr.io 5 redirects ssum-sec.casalemedia.com
6 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
ads.stickyadstv.com
cdn.ex.co
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 www.google.com 4 redirects tpc.googlesyndication.com
5 p.channelexco.com cdn.ex.co
5 ads.stickyadstv.com 4 redirects cdn.ex.co
5 htlb.casalemedia.com edge.aditude.io
cdn.ex.co
5 cdn.ex.co mcd-sdk.playbuzz.com
cdn.ex.co
5 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
5 fonts.gstatic.com fonts.googleapis.com
4 prd-collector-anon.playbuzz.com mcd-sdk.playbuzz.com
static.ex.co
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 ssum-sec.casalemedia.com 1 redirects cdn.ex.co
ssum-sec.casalemedia.com
js-sec.indexww.com
4 tlx.3lift.com edge.aditude.io
4 bidder.criteo.com edge.aditude.io
4 ajax.googleapis.com braincandy.net
4 www.facebook.com connect.facebook.net
braincandy.net
3 id5-sync.com cdn.ex.co
3 c1.adform.net 2 redirects ads.pubmatic.com
3 x.bidswitch.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 prd-collector-platform.ex.co embed.playbuzz.com
braincandy.net
static.ex.co
3 ad.turn.com 3 redirects
3 api-2-0.spot.im static-cdn.spot.im
3 collector.ex.co mcd-sdk.playbuzz.com
3 mcd-sdk.playbuzz.com cdn.playbuzz.com
static.ex.co
3 dn0qt3r0xannq.cloudfront.net braincandy.net
dn0qt3r0xannq.cloudfront.net
3 www.googletagservices.com braincandy.net
googleads.g.doubleclick.net
3 netdna.bootstrapcdn.com braincandy.net
2 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects braincandy.net
2 mwzeom.zeotap.com braincandy.net
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 static.criteo.net edge.aditude.io
static.criteo.net
2 track1.aniview.com braincandy.net
player.aniview.com
2 player.aniview.com mcd-sdk.playbuzz.com
player.aniview.com
2 e.channelexco.com cdn.ex.co
2 www.googleadservices.com braincandy.net
2 img.ex.co braincandy.net
2 lb.eu-1-id5-sync.com cdn.ex.co
2 pixel.ex.co static.ex.co
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 sync.bumlam.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 dis.criteo.com i.liadm.com
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 u.openx.net 2 redirects
2 eus.rubiconproject.com cdn.ex.co
eus.rubiconproject.com
2 ads.pubmatic.com cdn.ex.co
ads.pubmatic.com
2 embed.playbuzz.com braincandy.net
embed.playbuzz.com
2 edge.aditude.io dn0qt3r0xannq.cloudfront.net
2 tr.outbrain.com amplify.outbrain.com
2 www.google-analytics.com braincandy.net
www.google-analytics.com
2 cdn.playbuzz.com braincandy.net
mcd-sdk.playbuzz.com
2 b-code.liadm.com braincandy.net
b-code.liadm.com
2 code.jquery.com braincandy.net
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 prebid.media.net cdn.ex.co
1 prebid-server.rubiconproject.com cdn.ex.co
1 id.crwdcntrl.net cdn.ex.co
1 api.rlcdn.com cdn.ex.co
1 ads.playground.xyz 1 redirects
1 spl.zeotap.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 js-sec.indexww.com edge.aditude.io
1 acdn.adnxs.com edge.aditude.io
1 eb2.3lift.com edge.aditude.io
1 go1.aniview.com player.aniview.com
1 cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stream.playbuzz.com mcd-sdk.playbuzz.com
1 idx.liadm.com b-code.liadm.com
1 ads.playbuzz.com static.ex.co
1 embed.ex.co static.ex.co
1 s-114.channelexco.com braincandy.net
1 1f2e7.v.fwmrm.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 i6.liadm.com i.liadm.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 gpv.ex.co cdn.ex.co
1 ap.lijit.com braincandy.net
1 sync.targeting.unrulymedia.com 1 redirects
1 vop.sundaysky.com braincandy.net
1 ssbsync-global.smartadserver.com cdn.ex.co
1 secure-assets.rubiconproject.com 1 redirects
1 sli.braincandy.net braincandy.net
1 i.liadm.com b-code.liadm.com
1 e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 publisher-assets.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 player.ex.co mcd-sdk.playbuzz.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de braincandy.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 rp4.liadm.com braincandy.net
1 rp.liadm.com 1 redirects
1 www.googletagmanager.com www.google-analytics.com
1 polyfill.io dn0qt3r0xannq.cloudfront.net
1 wave.outbrain.com amplify.outbrain.com
1 amplify.outbrain.com braincandy.net
1 cdn2.triviatoday.com ajax.googleapis.com
1 cloud1.braincandy.net braincandy.net
1 launcher.spot.im braincandy.net
0 csi.gstatic.com Failed imasdk.googleapis.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
377 157

This site contains links to these domains. Also see Links.

Domain
twitter.com
play-trivia.com
Subject Issuer Validity Valid
*.braincandy.net
Go Daddy Secure Certificate Authority - G2		 2023-09-03 -
2024-10-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.playbuzz.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-30 -
2024-05-12		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.triviatoday.com
Go Daddy Secure Certificate Authority - G2		 2023-09-03 -
2024-10-04		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
aditude.io
GTS CA 1P5		 2023-08-28 -
2023-11-26		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-03 -
2023-11-02		 a month crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
cdn.ex.co
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
sli.braincandy.net
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-11 -
2024-07-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.channelexco.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-11 -
2024-09-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 65 frames:

Primary Page: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Frame ID: 566D9D8594B7745B05B421A786119F2D
Requests: 135 HTTP requests in this frame

Frame: https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Frame ID: A20C277F03734AFF98BE0D49A7DF4B4B
Requests: 5 HTTP requests in this frame

Frame: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Frame ID: 29E1A0C111041878272E41C4C8422CBC
Requests: 13 HTTP requests in this frame

Frame: https://braincandy.net/playNew.asp?id=f7022538-b5b5-46a7-9f85-31cabc8d83a8&ia=nancyg15/slinky-and-rex-are-from-which-pixar-movie-&m=&c=7D3119
Frame ID: C1C4F2BF484E3C0DE5CA10E591015B27
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: D16F5062551F59940CA70D626E8929AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3297660157133908&output=html&adk=1812271804&adf=3025194257&lmt=1697298345&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697305545729&bpp=2&bdt=383&idt=213&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4148141675021&frm=20&pv=2&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078363%2C31078594%2C31078599%2C42532335%2C44801484%2C44804684%2C44805098%2C44805112%2C44805335%2C44805533%2C44805674%2C44805680%2C31078802%2C44803791&oid=2&pvsid=2859897920363816&tmod=1436002934&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbraincandy.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: C18D333397EA68C509B3C154034E25D4
Requests: 1 HTTP requests in this frame

Frame: https://e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4DE51498D1DE2EF8775DA87A89BC981
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C106016094&gdpr=0&gdpr_consent=
Frame ID: CACA91F2C9E4931E645843BC56C19532
Requests: 8 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01lm?s=&ps=true&ls=true&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&euns=0&version=sc-v0.3.15&
Frame ID: 36D90E2B68DEEE8C013F3270B10B8943
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: B50369668FB06090506DAF1F328580D2
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: C532FCF4057602B687C4077F9308959D
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: BD69C83B3B14359A0AD3E824F68ADAC6
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: 6B68131689BED998C5EFEA20AE014AB3
Requests: 24 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Frame ID: 83482530EE8A0B5EFEAE357B6ED071E4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Frame ID: 902C621673C551D0120792D2343B3423
Requests: 3 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Frame ID: 3F58D5507DDEA8B78457E5F832136CFF
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Frame ID: 70879A8B02FA9DA6182223806BB46E36
Requests: 1 HTTP requests in this frame

Frame: https://static.ex.co/cdn/fonts/google/roboto-poppins-fonts.css
Frame ID: DB149DF57B10516CE507E15C60A55D3D
Requests: 32 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5C802EFA1C3D8E342025E949B46919D2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 8A43824F3C3D2E1010394331B7D438DC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
Frame ID: 86479ECB3040C7A4FB293B2DC4F8F0CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6901398141378280120&gdpr=0&gdpr_consent=
Frame ID: 41A46029A892B0081C7FD48DE759D252
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289871815694743698&gdpr=0&gdpr_consent=
Frame ID: E518C9DB576BDCC89BA346AD532FCF19
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=476&user_id=81d4ddd0-6ab9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af
Frame ID: 8DF5513030F7C963FFA97FA031BD16B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Frame ID: 180C60C003A1CA496F85B23BE2BBE6A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 87E31237551C96DF955A7DBA5553FB36
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSrTywAX3gUUswAb
Frame ID: 347E5DDEDB2A4CDAB99E388265FEB566
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEvIE7KVagAABjnezesDg&gdpr=0&gdpr_consent=
Frame ID: 27631B3F2D4534CF8B17C70DBDCE2F90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2954797F46904304D69690E865FA9FAD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbf6174feb14e4b24961922853e2c8e3b
Frame ID: 4B825ED0CD2BC5F65E38BAA6431DFA9F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E979C039B8E30D5AEBE49153792F1314
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9039262152919640350
Frame ID: 04DCDD922480D39EB7D67448F973A757
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730299425128
Frame ID: 6D8B412080867374CFBB49F609398487
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4B117E5026FCC69A8546812844ECC483
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: B39A246FD0741947C7017E68ABA2CD0D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C30411ACF3DA127CF12F116B7F6E3315
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRVnnanXWRnVbUgS&gdpr=0&gdpr_consent=
Frame ID: 184126FDEDC57E0C1655ADE92F92205A
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Frame ID: B280AD24EB1B4501BADD0C53076AC8DA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 8B8874804A376217D58FD94709FB7E52
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=9a1979cf339d7a7c377a9722a42e137
Frame ID: 3ED7D3D93774610372BAAB6A4EA29F32
Requests: 1 HTTP requests in this frame

Frame: https://embed.ex.co/xdomain_cookie.html
Frame ID: 8BC71687EC09F580A9CC17CD1DA05088
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 802A0D5E2A275D0A8CEE00291E8FFC3E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: B2F2E313AE7E77EE8B4053DDAEBB9775
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 6AC18A32BBF1F3BDCA1FEE711585BF71
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Frame ID: 279322339A6AEF9AFD85F0DAA954ADF1
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 905C059AA280165D0E37EF7F0193EA63
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 36C0C05931082EB194723F5EE18CD453
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 91143E35609D308071C63252EB31C64A
Requests: 1 HTTP requests in this frame

Frame: https://cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 2AA8B3EDBD6BCFB7034A95F25B3A2DAC
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 03B06B3CC5C6EAE6D4CE67C4A942EC79
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0883BBDF7DF54B4FBEF67AB40D914DFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83DB48AEC68268DBECB9E6BBFF9B43F7
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6331DEF1681BB600798E995E8584F9BA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 97715B6462780727ACF370F2EFF80FC2
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AF69F7F3BED7304B793EEFF59FFCCDA6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 46693632A346D58518772CE5EB8F8D2A
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
Frame ID: FF72F4D681AEB8ED8AD0F1223E2474B1
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 72917AFB1BDE7C1042D962F3F48D2588
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FD0D65CBD85CF29493BF80325B12D37C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: ADB1B7EB994C3C6FC797EB70C3EF0515
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AC779B793A834B0C89C840625AE57783&gdpr=0&gdpr_consent=
Frame ID: 80910EB8299DE44CFABE5C0420D138FB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5592490336
Frame ID: 8B17793370235BEEA384DBB6D8E1FF42
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Frame ID: 56E67AAFDEA0BCD6A98041523A0BCBA3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 882DE16480D8C9BED3E2A5B039F02205
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1343DB20E219F1190F9DA6E17121BB9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Brain Candy

Page URL History Show full URLs

  1. http://braincandy.net/ Page URL
  2. https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie- Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

377
Requests

90 %
HTTPS

30 %
IPv6

89
Domains

157
Subdomains

107
IPs

14
Countries

6685 kB
Transfer

16597 kB
Size

118
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://braincandy.net/ Page URL
  2. https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 61
  • https://rp.liadm.com/j?dtstmp=1697305545791&aid=a-01lm&se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&pu=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&wpn=lc-bundle&refr=http%3A%2F%2Fbraincandy.net%2F&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT4 HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&dtstmp=1697305545791&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&refr=http%3A%2F%2Fbraincandy.net%2F&aid=a-01lm&pu=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT4
Request Chain 155
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Request Chain 156
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Request Chain 159
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e1bea98-5a3c-49b4-92d8-4785c8d9e420
Request Chain 161
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1697305547108 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3358920616 HTTP 302
  • https://sync.1rx.io/usersync/turn/2577741385566063339?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-3d240d02-9c5c-4903-811a-a156fc5b4710-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003
Request Chain 162
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6901398141378280120
Request Chain 169
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 174
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDh2dIvuTRmkEU5fWcZ99zc&google_cver=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSrTyqea3MnFZ2zVi6Y1jAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOHL4fxzYf2DoXAxoGZpmo&google_cver=1
Request Chain 180
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2577741385566063339
Request Chain 183
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 201
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 202
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
Request Chain 203
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6901398141378280120&gdpr=0&gdpr_consent=
Request Chain 204
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289871815694743698&gdpr=0&gdpr_consent=
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjLp6upBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEIHU3dBquRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGQ5NzA2OWFlLTE0ZDMtNDllNC1iMDdiLTMyMWNjYWM4NjZhZg** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=81d4ddd0-6ab9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af
Request Chain 206
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Request Chain 207
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 208
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSrTywAX3gUUswAb
Request Chain 209
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdklFN0tWYWdBQUJqbmV6ZXNEZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEvIE7KVagAABjnezesDg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEvIE7KVagAABjnezesDg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEvIE7KVagAABjnezesDg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2913900273055427010&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEvIE7KVagAABjnezesDg&gdpr=0&gdpr_consent=
Request Chain 210
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 211
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbf6174feb14e4b24961922853e2c8e3b
Request Chain 213
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9039262152919640350
Request Chain 214
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730299425128
Request Chain 218
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b95ee0e249e516a8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhRVnnanXWRnVbUgS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhRVnnanXWRnVbUgS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRVnnanXWRnVbUgS&gdpr=0&gdpr_consent=
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v67g06H_T_qJdVXz1l7HjA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 222
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2880216118 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Request Chain 223
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWFhVjBYSzNUVVJUUGVrMFR5M1gyZ1FQQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7550100756346093214&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkZBRUUwRDMtQTFGRi00RkZBLTg5NzUtNTVGM0Q2NUVDNzhD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ_xk4_qL6QJOB4-85XY_6k&google_cver=1
Request Chain 227
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7550100756346093214
Request Chain 232
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2577741385566063339&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 234
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:955ac8f3-81c0-4bd0-80b1-f5ee2af90f34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 238
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9a1979cf339d7a7c377a9722a42e137&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7291002322987976104&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 283
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcI5RytMqZcWoAZOKZ9WfvtANhYDexXPSyNfImRKGzv-VhBsQASDEhfIcYJWCgIC8B6AB7Y2IjgPIAQGpAt71OhnkobE-qAMByAPLBKoE8QFP0M690Dcuo6o896aAhxU_ppFRLOJG20RBlloKQVRluN4kt6kjQ1UjfzWaE2fVmzpx0P3rb9-fNl4sJCJt_5Bfxl48_zTMD66Yehea5Mxx7LAN0ujeJO5EHbnwN8jfM6y-sHFS11w8oRyPJ7ZD4KmQG0NFdjn-s12qwkj3O_40mXszhYe8FCBw45oZR05BVWgPyTSjLvFL9ImkCnrvuShjuSzSdGCtDNc28aa4rooZRF7uidvkgmmDyfu5PIvcUcspuE-J1DO0QWpWuYySVCbGhXNVOdIQC6AN4O5CsuFk7wBxJ9JZqWUdtBEHiVqK86KdwASMtLf9lQSIBaLsuahGkgUECAQYAZIFBAgFGASAB_vx93GoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_-x_SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglMaHR0cHM6Ly93d3cuYjEyYW5rZXJtYW5uLmRlL3ZpdGFtaW4tYjEyLW1hbmdlbC9zeW1wdG9tZS8_ZGlzcGxheWNhbXBhaWduMj1vboAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMjk3NjYwMTU3MTMzOTA4GAA&sigh=-161d6yU350&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNpFjLSBzLkgx0Rhsp2HNAnM0Xa9sJij8GMvFI7bBB9ObLFFSo__OEHORcULg1nBATqaa2fosDZmRQe0NUaef1Hb6pAFhz_l4YAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222358626952675603759%22,%22debug_reporting%22:true,%22destination%22:%22https://b12ankermann.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22834799341%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216057056697939535041%22}&andc=true
Request Chain 284
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 337
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6901398141378280120
Request Chain 339
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWExOTc5Y2YzMzlkN2E3YzM3N2E5NzIyYTQyZTEzNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFAQQs-uoQcu04nwVujgWg&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 342
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
Request Chain 343
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 344
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0INoe5JwVz9c6yAyaNKsLNly2hs
Request Chain 350
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 352
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AC779B793A834B0C89C840625AE57783&gdpr=0&gdpr_consent=
Request Chain 353
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5592490336
Request Chain 356
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 357
  • https://pixel.onaudience.com/?partner=214&mapped=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=47e3db36ae33a779e8d6eb31a8122543&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b95ee0e249e516a8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-6977a3adf156&zcluid=b95ee0e249e516a8&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEITjK8tp_RJWTAiOjyKXcNU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-6977a3adf156&zcluid=b95ee0e249e516a8&zdid=1332
Request Chain 358
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6901398141378280120

377 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
braincandy.net/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://braincandy.net/
Protocol
HTTP/1.1
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
5022
Content-Type
text/html
Date
Sat, 14 Oct 2023 17:45:43 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Protocol
H2
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:44 GMT
content-md5
uClMNyCx0crwcuYblDMupQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
k2JnugpJF+M4sIQGgMa7+YjgEZ0qHvVQTpdO0+lI0gXhFkYYdwEUBG5OAfEd4Ns9bM8RxNMeuyH8TDaeYnfSJA==
x-fb-content-md5
f6c0a183c2b1b7751ce4074312673305
cross-origin-opener-policy
same-origin-allow-popups
etag
"2806d6bbcc315397a3461040decfbb11"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 14 Oct 2023 18:03:01 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1&appId=499465110243251
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
Primary Request /
braincandy.net/ 		34 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
208b4b048294a268014bf746fefd00c58aed4f9e5dcc6b796198b79875d70fc3

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://braincandy.net
Referer
http://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
34894
content-type
text/html
date
Sat, 14 Oct 2023 17:45:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
all.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=b136230279b83ba4c4d1dabc8db3ad78
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://braincandy.net/
Origin
http://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:44 GMT
content-md5
6P09rvH9V0S60zUf0L8ZTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87640
x-fb-debug
R7lwXqvMYiH7Um3t7NAszskVlbCNDmeKXwMQ5p23FskA8KaUmHgEGyB3H8M3lxKCL7rx302RsAaGciCIdlPLTw==
x-fb-content-md5
8c75387a0ff5cd6ddacbca9629af0276
cross-origin-opener-policy
same-origin-allow-popups
etag
"b719d63ebc7381b4f96b2e01040b577c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 13 Oct 2024 17:10:25 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=499465110243251&input_token&origin=1&redirect_uri=http%3A%2F%2Fbraincandy.net%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b136230279b83ba4c4d1dabc8db3ad78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 14 Oct 2023 17:45:44 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
aX8/btR70vxnUxhSnFS7LzCk32no6k64j04m2vxjyOzAnGGymJnU3SFlOBOQC5A+XtlSDHzxZYlWhMsMQrQ2ZA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://braincandy.net
origin-agent-cluster
?0
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ 		1013 B
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:25:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		392 B
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Days+One
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24348bb95815bc01ef8884e6ff2c283eb6f35da9ae19a275ccfeda0f0a050db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		750 B
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2b0e37bd40774b388c384dfc2259f6ebc4f5539ec528ce4fbff9a2d1d2d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:41:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		2 KB
675 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cadbfff60ae673d4c55b6236da6413593e6ad5c30e764170f07ac0bba8836ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		3 KB
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cuprum:700,400
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe9e726107e3ed28ff6b7ab4247307ae5adf881a7ea2a51159dcce989103290f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		1 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:16:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
css
fonts.googleapis.com/ 		419 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089ca7c196871f14a5e353f41c417ef7bd6db262c7df9590a7f33e044f89c701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 15:49:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:45 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
14704981
cdn-cachedat
2021-08-03 04:14:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6358afe6e12aefed963ad27f3935d6d1
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8161a34ae86b193f-FRA
cdn-requestpullsuccess
True
braincandy1-wide.css
braincandy.net/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/css/braincandy1-wide.css?4545
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6550eea853d332872011bc2d37c62a771d5f416a1ef55ebed97b4c3486f78b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Sat, 17 Jun 2023 01:30:23 GMT
server
Microsoft-IIS/10.0
etag
"80611b49bba0d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5900
rrssb.css
braincandy.net/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/css/rrssb.css?x45
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ae714a96a90cb96d9571e73e9b0b7a5ef1fc835930c0c5aca5eeadff150097ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2017 15:30:06 GMT
server
Microsoft-IIS/10.0
etag
"0531e59eaa3d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1539
signin.css
braincandy.net/css/ 		5 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/css/signin.css?4545
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6860711cd1d404b5deadc7c56fa8d4fc1f268100f02b049df785758209f98daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2017 15:30:06 GMT
server
Microsoft-IIS/10.0
etag
"0531e59eaa3d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
907
jquery-ui.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2504898
x-cache
HIT, HIT
content-length
8056
x-served-by
cache-lga21926-LGA, cache-fra-etou8220045-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1697305545.399947,VS0,VE0
etag
W/"28feccc0-898c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
60, 9368
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 06:17:33 GMT
jquery-ui.js
code.jquery.com/ui/1.11.4/ 		460 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2504906
x-cache
HIT, HIT
content-length
114093
x-served-by
cache-lga21950-LGA, cache-fra-etou8220045-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1697305545.400471,VS0,VE0
etag
W/"28feccc0-72e44"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
63, 10399
checkeu.js
braincandy.net/js/ 		363 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/js/checkeu.js?45
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c12f7a57e5d868832ea4fd936bccb4bf911b0c3fafb75e4179805ccbd2a7593c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Mon, 22 Oct 2018 03:47:36 GMT
server
Microsoft-IIS/10.0
etag
"03c86f8b969d41:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
363
gpt.js
www.googletagservices.com/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dce12275d63ce38bc757939d7601093deb9c363901adf77ae27e96599466f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29233
x-xss-protection
0
server
cafe
etag
304 / 19644 / 31078805 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:45 GMT
prebid-load.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d6b42cc5d40022de8533bc7cdbe8782d3b1fb536807348cc1ea5c74f14b3c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
zf16KRO5vaL64tiBgv61EWMvfpLmae.R
content-encoding
br
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date
Sat, 14 Oct 2023 17:45:45 GMT
x-amz-cf-pop
FRA60-P4
age
1068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 17:51:04 GMT
server
AmazonS3
etag
W/"b713305b7b089b8709fbe780ab2b5bc7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qkoTF9qVHrj0PWcuSzAt9_SzGOHjMh_ojDahd6UQmjWbwHzYNWcMtQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29c4aabc9e3e6e1f48cdc539d2af2df9cbf2019710f7326be15372cbeef2c502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51036
x-xss-protection
0
server
cafe
etag
13283442150066737111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:45 GMT
a-01lm.min.js
b-code.liadm.com/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01lm.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a463c12629183ab9f0e8825bf3ea26819d9a34c8675f3a5b6eb960ea7a702fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:58:51 GMT
content-encoding
gzip
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
17214
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
FAJ3K4pQ_LHNqxvgepoWoiy2xfjfNxbit_4VaOHKnEtBXP0GLJvY_g==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15464aab749c60569ecf70fbd7d493585f4463a37ed0ae11412408216612390f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:45 GMT
content-md5
GCtkdYQ+d3316ZwDVHqynQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
qI5TQpDdZDamC1tsa3oj5G0yEvc1H10BqDjXUwx4waeum5mnsBbuz3jOGH5Yrb+VtuPWfZSfHfDnWtzZKPb4Sg==
x-fb-content-md5
cc460eed876703096671d820fb72475d
cross-origin-opener-policy
same-origin-allow-popups
etag
"202b4d1826088fa64c4e31fd43e621f7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:54:45 GMT
bcLogo2.png
braincandy.net/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://braincandy.net/images/bcLogo2.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25bfc4c32a75641ce91bc561de2f56bbf7ad94b0daf238e23473f47ec8540826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Thu, 23 Mar 2017 15:30:10 GMT
server
Microsoft-IIS/10.0
etag
"0ad805beaa3d21:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
98932
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65e395eaf483bab73e06fff53895325935aca59a890d417a35e9b2164ac4bbff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:45 GMT
content-md5
uClMNyCx0crwcuYblDMupQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
k2JnugpJF+M4sIQGgMa7+YjgEZ0qHvVQTpdO0+lI0gXhFkYYdwEUBG5OAfEd4Ns9bM8RxNMeuyH8TDaeYnfSJA==
x-fb-content-md5
f6c0a183c2b1b7751ce4074312673305
cross-origin-opener-policy
same-origin-allow-popups
etag
"2806d6bbcc315397a3461040decfbb11"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 14 Oct 2023 18:03:01 GMT
ratio.png
braincandy.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://braincandy.net/ratio.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
43a56f7425c0c4274da9f324fbf4b81d0fcc5943d83c4d7d964aa055655786cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Thu, 23 Mar 2017 15:30:06 GMT
server
Microsoft-IIS/10.0
etag
"0531e59eaa3d21:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3618
pbads.mcd.av.player.v2.0.js
cdn.playbuzz.com/content/monetization/players/3ecf455b-f53a-4574-8f50-0dbbb8e37a7f/ 		655 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playbuzz.com/content/monetization/players/3ecf455b-f53a-4574-8f50-0dbbb8e37a7f/pbads.mcd.av.player.v2.0.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.206.246 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-206-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d9e6c8260c838073cab6862bbe54970e2c039bf5d0747061874509c87a1a84ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
content-length
374
last-modified
Sun, 22 Oct 2017 08:34:30 GMT
server
AmazonS3
etag
"b004edbd1a3f5a70ace787777dbaa942"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:45 GMT
sp_HQI9uHrd
launcher.spot.im/spot/ 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_HQI9uHrd
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-105.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80baea20eed7cd8dea7c21d76bce11e9f8da24d2f7f66f2f2ba1f3a0529855e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
JCvrjyX7pdunqRtOJPHYFpx8WUZIjqr6
content-encoding
br
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
date
Sat, 14 Oct 2023 17:45:46 GMT
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
21741
last-modified
Mon, 09 Oct 2023 10:38:32 GMT
server
AmazonS3
etag
"a1573b2f5ce526d3fa112f65a50787db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
KHWq1xfAQ12sxF-DCfOTe5oUS1AASt_-SnYfhqhtTTEd2bA2qFF3gA==
albert-signup3.png
braincandy.net/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://braincandy.net/images/albert-signup3.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3910c68ffb5d3d3232bb2af0230b347ade3c3cc18cda7e12326fd93e3e8dcde8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Thu, 23 Mar 2017 15:30:10 GMT
server
Microsoft-IIS/10.0
etag
"0ad805beaa3d21:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
57078
970X250.gif
braincandy.net/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://braincandy.net/images/970X250.gif
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c3a8994e75f6d8e4b91c424d116bfd1dcd0e95266eb4491ced9a722c997f756d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Wed, 13 Sep 2023 18:03:00 GMT
server
Microsoft-IIS/10.0
etag
"06232886ce6d91:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
65167
rrssb.min.js
braincandy.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/js/rrssb.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51c400482c1bc05ee87f4c011ef47ee7333b26680c582d6229368792f03d6376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2017 15:30:12 GMT
server
Microsoft-IIS/10.0
etag
"0dab15ceaa3d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1925
jquery.easing.1.3.js
braincandy.net/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/js/jquery.easing.1.3.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48a68501dc91b163ceee7d21567464e6a60a7b645799b4b4f35284af7cfb7155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2017 15:30:12 GMT
server
Microsoft-IIS/10.0
etag
"0dab15ceaa3d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1698
BC.js
braincandy.net/js/ 		3 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/js/BC.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f1f89da2c6664a007a0154ef5754307dc935d4d41027b42de9fe8372eff52f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
content-encoding
gzip
last-modified
Thu, 23 Mar 2017 15:30:12 GMT
server
Microsoft-IIS/10.0
etag
"0dab15ceaa3d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
859
bouncearrow.gif
cloud1.braincandy.net/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud1.braincandy.net/images/bouncearrow.gif
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
217.114.218.27
cdn2.triviatoday.com/geoIP/api/ipinfo/ 		92 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn2.triviatoday.com/geoIP/api/ipinfo/217.114.218.27
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
67.229.238.34 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.34.STATIC.KRYPT.COM
Software
Kestrel /
Resource Hash
59ffbb394ce988b8189489962ded843cd83fbdfd1165b70d6115a9b6adff1951

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 14 Oct 2023 17:45:54 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Oct 2023 17:45:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
eQFinqapFLYBLxuCgrdo27eXhQJQWTVMKd/3QRfrNNQ/7m8aST9QtAfOWDJvOjScCRczV/0iAYel1Eep4fzAUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
69bdd7ec44a5888abae0bc4e4fa9eb24de4009270e5202334e50a86a58fbdc87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2023 06:56:37 GMT
Server
AkamaiNetStorage
ETag
"7b902c9ce10c6adf619679403e31556b:1697007639.454953"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7507
Expires
Sat, 14 Oct 2023 18:05:45 GMT
sendEmail.asp
braincandy.net/ Frame A20C 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90e4547dfa657658f813b3c9e2e5ffb7acb75d00c33e50d6e4b49533dec3f432

Request headers

Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
11020
content-type
text/html
date
Sat, 14 Oct 2023 17:45:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
signup.asp
braincandy.net/ Frame 29E1 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/signup.asp?c=7D3119&sw=1600
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3cd9e48c594b383c242b82b0598e3b92726318e60463a02ff8c464070edabb96

Request headers

Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
10931
content-type
text/html
date
Sat, 14 Oct 2023 17:45:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
playNew.asp
braincandy.net/ Frame C1C4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/playNew.asp?id=f7022538-b5b5-46a7-9f85-31cabc8d83a8&ia=nancyg15/slinky-and-rex-are-from-which-pixar-movie-&m=&c=7D3119
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d4153d690cbdff24f804a3e390a2b7bd8e69d72884fd511addc3baca6b924176

Request headers

Referer
https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
2140
content-type
text/html
date
Sat, 14 Oct 2023 17:45:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 15:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6963
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 14 Oct 2023 17:49:42 GMT
header-bg11.png
braincandy.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://braincandy.net/images/header-bg11.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/css/braincandy1-wide.css?4545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94a06f5d67261e40bcc0bbc986b220c4cb4e94670daba28134dffb693a2d2d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/css/braincandy1-wide.css?4545
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:44 GMT
last-modified
Thu, 23 Mar 2017 15:30:10 GMT
server
Microsoft-IIS/10.0
etag
"0ad805beaa3d21:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2059
z7NOdRfiaC4Vd8hhoPzfb5vBTP1v7ZumR_g.woff2
fonts.gstatic.com/s/jura/v31/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jura/v31/z7NOdRfiaC4Vd8hhoPzfb5vBTP1v7ZumR_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jura:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c71aa930b8b7481b45f84cfc378f028809a044d72cef16af70fd0cccacda58bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 18:27:57 GMT
x-content-type-options
nosniff
age
83868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14088
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:22:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 18:27:57 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 20:56:31 GMT
x-content-type-options
nosniff
age
161354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 20:56:31 GMT
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Permanent+Marker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:34:59 GMT
x-content-type-options
nosniff
age
29446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29564
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 17:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 09:34:59 GMT
sdk.js
connect.facebook.net/en_US/ 		304 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f80fecb5f468b4bc8f871580679644cf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4163e1de8e0a8bdc6fe00726193ea7ae2dcce636d0c04b6eb1ca9c26f370ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://braincandy.net/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:45 GMT
content-md5
CojIq+O+Ty/gy5eSE5DUtw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88133
x-fb-debug
ZDUbEDEUR8ZykLVTPShM5jx4RANoeE4+UPY0+lxtdfBzy1t19P6Xo9NBQf2TC74bcVat4j5ULPH3e2f9UlQZkg==
x-fb-content-md5
7e25a29c7b90e159e7425cb98a3624fb
cross-origin-opener-policy
same-origin-allow-popups
etag
"cabb89d131667164ab39509e9a7bfe59"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 13 Oct 2024 17:04:31 GMT
136604453636163
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/136604453636163?v=2.9.134&r=stable&domain=braincandy.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbb00b5bfb2b3fbca7a51c41963b6f3a7215180d8841d2f58a147f2608372764
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Oct 2023 17:45:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
H+6/I00Rqcilqso2F7bmIjJxdeCNpT0ZSNeY2j+d+JIQTXgoCFLQ6Js+qt7oJBl+JT2a19yv8ZEHj63Omchiiw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1748508719&t=pageview&_s=1&dl=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ul=en-us&de=UTF-8&dt=Brain%20Candy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=912308136&gjid=1445863440&cid=1891901609.1697305546&tid=UA-92784887-1&_gid=15164566.1697305546&_r=1&_slc=1&z=1245657859
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bc170fe095e8d03bce73ccb7e3392e2bc7fd8c1651448b2976742e69fe2b6de5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=true&bust=02549920935806671&referrer=http%3A%2F%2Fbraincandy.net%2F&marketerId=007f266ee8a5533b1005bf996bff48b066&name=PAGE_VIEW&dl=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.223 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:46 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
c8d6a26cf704edd30f92806f876a65a9
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=007f266ee8a5533b1005bf996bff48b066
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.223 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
br
X-TraceId
3ab494cf8368b54c26d60d715736d790
Content-Length
39
Content-Type
application/javascript
007f266ee8a5533b1005bf996bff48b066
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/007f266ee8a5533b1005bf996bff48b066
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:45 GMT
Content-Encoding
gzip
ob-sent-time
1697232627159
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
deac8c8f5f72b3127eddef6b9a6850f3
Content-Length
22
Expires
Sat, 14 Oct 2023 17:46:45 GMT
prebid-wrapper.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		218 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-wrapper.js
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cca2530583b32a1a0425ab9bb03a19bd59fb941c42d1a2a06f91e0b62559eda2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
m74w_mxoIkqQvkvEOY7uXJtORqOKmexl
content-encoding
br
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date
Sat, 14 Oct 2023 17:18:46 GMT
x-amz-cf-pop
FRA60-P4
age
1785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 17:51:04 GMT
server
AmazonS3
etag
W/"ce45c23b2f74dd3181c87a20c6d44110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
NSbSrQFPsy2Uyfu-Kv_JBcML8m_fFmVaIv4Hjyh4qNQoWeHVvh0q5g==
7.54.3.js
edge.aditude.io/prebid/ 		314 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf5e33c2cc54437165d892b2424e9c9b602bad94cb8a28b4912dd08cd444722
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::jhz29-1693810645606-382f5d4d6a78
server
cloudflare
age
793164
x-matched-path
/prebid/[version]
etag
W/"4e6fa-Z29C1v6CNFGIcTGsurKOJcqnZOY"
x-vercel-cache
MISS
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
cf-ray
8161a34ccbb465df-FRA
polyfill.min.js
polyfill.io/v3/ 		101 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:46 GMT
age
113165
detected-user-agent
Chrome Mobile/118.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/118.0.0
content-type
text/javascript; charset=UTF-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
config.json
edge.aditude.io/wrapper/triviatoday-8NZt8FLGX9/braincandy/ 		24 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/wrapper/triviatoday-8NZt8FLGX9/braincandy/config.json
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496913b9c2146703e5452254e115bfa25d1e6e690138448ed9a47757c8fa6826
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
MISS
x-vercel-id
fra1::cle1::h5vkw-1697305545751-44dbcaea8640
server
cloudflare
x-matched-path
/wrapper/[publisherKey]/[wrapper]/config.json
etag
W/"18-c7MPOkhj4yubxCBneOJNcIbelYo"
x-vercel-cache
MISS
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300, stale-if-error=3600
cf-ray
8161a34cc8ac68f2-FRA
sync-container.js
b-code.liadm.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01lm.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38346c661a5d9c7cac02ddcf5012e9905d07a9246d501065551a8a5b3f7f6f9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:05:28 GMT
x-amz-version-id
sPhVZ104DboVs7S8pa39MuSI_bOZsMl7
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 12:28:53 GMT
server
AmazonS3
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"966e0937ec1a9c25d3d81f08ccfa817a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
790818
x-amz-cf-id
WKEZQvlxaNdQKEfHTSEfVZduzufwVn7NjaA64JeEctayyX4QpRY7VA==
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KGND54FWRV&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c75273e4d47ff352f615d364801ba7756f2a462e5d642ff22d426ce9691ca3a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82200
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 14 Oct 2023 17:45:45 GMT
sdk.js
mcd-sdk.playbuzz.com/embed/ 		543 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Requested by
Host: cdn.playbuzz.com
URL: https://cdn.playbuzz.com/content/monetization/players/3ecf455b-f53a-4574-8f50-0dbbb8e37a7f/pbads.mcd.av.player.v2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed02dd1f4d3990a71f37387e64a6b85398930578778916e83e7b5f314ae65cea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:45 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, HIT
content-length
171361
x-served-by
cache-iad-kiad7000157-IAD, cache-fra-eddf8230055-FRA
server
nginx
x-timer
S1697305546.767371,VS0,VE95
etag
W/"87acd-2Rs6wfQVAAlwoFFRFAfLCFG/Qdw"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1786cce893b278edad7f6cb51a84df30288832417c56e8bee13f266acc7d4dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136744
x-xss-protection
0
server
cafe
etag
7388114551427289108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame D16F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 10:33:31 GMT
etag
6119613530591461916
expires
Sat, 28 Oct 2023 10:33:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1697305545791&aid=a-01lm&se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&pu=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie...
  • https://rp4.liadm.com/j?se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&dtstmp=1697305545791&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&refr=http%3A%2F%2Fbraincan...
47 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&dtstmp=1697305545791&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&refr=http%3A%2F%2Fbraincandy.net%2F&aid=a-01lm&pu=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT4
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
35.173.102.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-102-74.compute-1.amazonaws.com
Software
/
Resource Hash
d0155673a6ca77fd823260e3e3a2a34c3a93acb4b0c5740a3d24a877c7f4cda4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
x-pixel-event-id
f0f724ee-1cb5-4116-8360-1ed8e19e83b3
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
47

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&tna=v2.8.0&dtstmp=1697305545791&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&refr=http%3A%2F%2Fbraincandy.net%2F&aid=a-01lm&pu=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT4
access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:46 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136604453636163&ev=PageView&dl=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&rl=http%3A%2F%2Fbraincandy.net%2F&if=false&ts=1697305545825&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697305545822.1179401612&it=1697305545642&coo=false&rqm=GET
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 14 Oct 2023 17:45:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KGND54FWRV&gtm=45je3ab0&_p=1748508719&_gaz=1&ul=en-us&sr=1600x1200&cid=1891901609.1697305546&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&dt=Brain%20Candy&sid=1697305545&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KGND54FWRV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KGND54FWRV&cid=1891901609.1697305546&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KGND54FWRV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KGND54FWRV&cid=1891901609.1697305546&gtm=45je3ab0&aip=1&z=497920759
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
1524
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134786
x-xss-protection
0
server
cafe
etag
13749274744457858240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:20:21 GMT
ad-server.f06b7d14f042cb1c6a9d.plugin.js
dn0qt3r0xannq.cloudfront.net/plugins/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/plugins/ad-server.f06b7d14f042cb1c6a9d.plugin.js
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-wrapper.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:225e:3000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 00:26:50 GMT
x-amz-version-id
7Ph25oasjpNNCvP_3BwgTw_JdI0CyoNZ
content-encoding
br
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age
62336
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 13 Oct 2023 17:51:05 GMT
server
AmazonS3
etag
W/"5af4bfbb01caa5a9b65fb57271f844de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
eXCnWTf59WbbkzCHxh4nBGsjMTmR-uzAwDovSsQhtg8s6CCeHhT2OA==
cookie.js
partner.googleadservices.com/gampad/ 		395 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=braincandy.net&callback=_gfp_s_&client=ca-pub-3297660157133908
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b68a709a38df4e859574817d2affcb1a2f856f5f998af4a0d6a340a520a3115d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C18D 		336 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3297660157133908&output=html&adk=1812271804&adf=3025194257&lmt=1697298345&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697305545729&bpp=2&bdt=383&idt=213&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4148141675021&frm=20&pv=2&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078363%2C31078594%2C31078599%2C42532335%2C44801484%2C44804684%2C44805098%2C44805112%2C44805335%2C44805533%2C44805674%2C44805680%2C31078802%2C44803791&oid=2&pvsid=2859897920363816&tmod=1436002934&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbraincandy.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7835551bec8862236a154ec97f9b56e254b1993b221b1af1684ca98e8cfeb0b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
81586
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:47 GMT
expires
Sat, 14 Oct 2023 17:45:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
versions
player.ex.co/ 		750 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/versions
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2307871f3548016ae838e0cea561baac19dac7861c02c38721a93b0db487b9e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:46 GMT
age
71
x-cache
HIT, HIT
content-length
750
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230121-FRA
server
nginx
x-timer
S1697305546.058156,VS0,VE2
etag
W/"2ee-hAyaaAd3C/6OhfsGbgwnf2kT5uc"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
4, 1
events
direct-events-collector.spot.im/api/v2/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-41.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 14 Oct 2023 17:45:46 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
Jn--AAX6A1a0c9AgAKyF0OD6l2_FGAUojPlWING57DqvgccURpJ8aA==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:31:11 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-version-id
b5F0PCOjgZdzWGRVP42p0zjshd9F8boR
x-amz-cf-pop
FRA56-P6
age
972876
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22998
last-modified
Tue, 03 Oct 2023 09:24:39 GMT
server
AmazonS3
etag
"85216e38d3203fb8b2485d233fba267b"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nXRn0TmHkM-NoDnQ-89hoyfo0g2CEoy2CCXwk3Wg4t2l3fZT-OepUQ==
808-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/808-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa114ed26766bd02a687cc0ea687d20e203332d27caf4978fe31104e5e1876dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:31:11 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-version-id
Lp16GL90MSq3KfwfhChkMnXnm9tIYRQI
x-amz-cf-pop
FRA56-P6
age
972876
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28295
last-modified
Tue, 03 Oct 2023 09:24:39 GMT
server
AmazonS3
etag
"a63b28909cce34cde0986294181af7b1"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jm5bist2-9YiblxoBuABluCC401VIl3lbzelLiPg1MTxHCLRYnnirA==
891-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/891-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78b7236e2cd78ad5a0c1e6df5502c708951d4c209b6b308cd697fe3aaa4dea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:31:11 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-version-id
RATnC8sPGC1s0tHsryz6XP63RIhdryad
x-amz-cf-pop
FRA56-P6
age
972876
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3623
last-modified
Tue, 03 Oct 2023 09:24:39 GMT
server
AmazonS3
etag
"29db959c042f55a054141f906087af74"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
T6czS5jOK70wo2OpJqpT5STJKMo_BoIMkxd8hF2dLoIUZjkO3PEbYg==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52f7416e2ef56a07aa9119a19fa820dd609e8d538f225303b7334c9bfcbaa08d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:31:11 GMT
content-encoding
br
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-version-id
knNeHcG_..mlh5MsfeCw7k.uGKTqeRKv
x-amz-cf-pop
FRA56-P6
age
972876
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9134
last-modified
Tue, 03 Oct 2023 09:24:39 GMT
server
AmazonS3
etag
"5b090c60bfe90986100f103f25ee5925"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Vm9pkSWUoVKXcAE86BRjL9gyj_15qI7dd7OdVGCDcs0en0xIX_OH5g==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 11:30:19 GMT
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
63348
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
AjxVsMlGjhNhnHwCaCpdWhEeJLubuM3SuTifP4p6mAvvYMHaapCatQ==
events
collector.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 14 Oct 2023 17:45:46 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:06:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.webp
mcd.ex.co/video/upload/w_800,so_4/v1490095101/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_800,so_4/v1490095101/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.webp
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
45365c86867f885bddc40a3e5079313f14e6dcc7632733b5d836b39bf685a373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:46 GMT
Cache-Tag
465587674809349993189178165829297291947,473281262405526930053610213462331028430,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Disposition
inline; filename="landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.webp"
Connection
keep-alive
Content-Length
21600
X-Served-By
cache-lga21950-LGA
Last-Modified
Mon, 13 Feb 2023 16:45:12 GMT
Server
cloudinary
X-Timer
S1693832138.675201,VS0,VE1
ETag
"64ef9bf823369e91ccff26285ad30a94"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28084139
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
player.js
cdn.ex.co/player/ap/3.57.0-3827f5e/ 		448 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1f182033b5c59c76cb3e6799ee48546d42d73b1ee503757054a6919b4680e34f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
119812
last-modified
Wed, 11 Oct 2023 07:50:27 GMT
server
AmazonS3
etag
"07379791f995093c369084bd7a8f1c37"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:46 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=69586710484&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.58.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-58-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
an-x-request-uuid
169ea2d3-ef28-42df-b8c5-dff2a928de72
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		35 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292736
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f774f73ddd00473baccc5eb0ffef0b99f1f764edaab84f5bffdf29a2b6c888

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUiIW1Ie1KizDLgodVL674pIzyVHqHeGzu9MXUs%2BlxM0UdJJVRTkZRdbPxgBEBy%2B%2BvmQ%2FNcjvzqNhUhgMJ3YAQD7aqduRJZhrg2xkZIRtfRbGNrtaa3on%2FhcradPSsGeRRR7jzB5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8161a3502f6e1cc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=5801769442&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292741
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56453e26ac78fb9fafc889804ff270da78f743fa07c597ca054cdb9522cc0e6d

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFr5cPnqROaqmV8GdXPSMRdd2bKJnoZZGjfTKCQy64FQR4WF%2FN5NEp%2FBDFH6IWgxHq%2BTb24HQWLdJUrcRVG6VkeBHRk%2FS2lk%2BPQ1ZN0Tg1ForRKamG53fzb6uf9Hxo4%2FwjSIR%2FCe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8161a3502f711cc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.58.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-58-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
an-x-request-uuid
00a287b5-d4de-4d98-ac91-d3ede8d02b83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.58.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-58-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=8603020426&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:45 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292737
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3d665474811eb2f9ddcdb1d1aac8e32c168ad5769cfe5805c2efffb8379cfa

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UCVZTKtHEf6uTWIqMNHOQbBEf%2FGRrlTGF1nEolfM9CypxSgB9QaP8ISSwjxCLsZWOjZWQGdMO5RwJ%2FxGHEZmG%2BLUw4pe040aFmTnz1psrGnTZxtyp6slGKQZL56DKMBsk1G7gdt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8161a3502f721cc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
an-x-request-uuid
f61a6724-3581-4f25-8b9a-b154fdfb0e8a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292741
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c023fcd1306cd96b7f44c8907ae754615fd8fc7ee0cca7e0676b8ff246efe1b

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LyBFXenvWIPtpoHzsE23AMyx0ErvUqyZm%2FToIjw3IbSgCi6pVPoonl1vvYQ5GVrFrvIkEn9Hv2QVDBIy5doRYCyfnWSYHD2W%2B4mvrMyz3dDPWx8ZaPhtXhdbMn3W3U01dQx%2BODb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8161a3502f731cc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.58.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-58-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
an-x-request-uuid
8ef507e6-08b4-4dba-b8b9-b66090a25393
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=91790441813&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Sat, 14 Oct 2023 07:45:47 GMT
x-amz-cf-pop
FRA56-P6
age
36000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
pCutbCC7X6n3ge-rhHU66R_TbY1D93Bfl_9sGp0TB02wRN7uLiNB2g==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
93e8d3970bd7070d509018a35a8755ae651fa203631214e14be856a635dd34d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-spotim-device-uuid
5c353721-3614-46a4-b17c-d827770cdc64
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
36
x-guid
5c353721-3614-46a4-b17c-d827770cdc64
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
0_iUVdA9tgkA9C8mqVhH0eyxbcoo4Hd2aGTLYzKIoZgTrDCIAGjBBg==
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859897920363816&correlator=1892351508400917&eid=31078819%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_leaderboard_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De90a42f8ea851c89-22808c7b92e400ab%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaOwqBKgDBP7IRzih2FR0ceAqKWCw&gpic=UID%3D00000c9872d85829%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaR7GdgWZHD1mi-Q-2Csp4p4M_5OQ&abxe=1&dt=1697305546330&lmt=1697298346&adxs=248&adys=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ref=http%3A%2F%2Fbraincandy.net%2F&vis=1&psz=765x-1&msz=743x-1&fws=4&ohw=1600&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=true&dlt=1697305545346&idt=742&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&adks=1259390256&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd8d2c40d61771b78ef167acb01c529d168e88ae2a8d386309860cce698caa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12193
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
Sun, 13 Oct 2024 17:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		323 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859897920363816&correlator=3601831184115857&eid=31078819%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_bottom_responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De90a42f8ea851c89-22808c7b92e400ab%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaOwqBKgDBP7IRzih2FR0ceAqKWCw&gpic=UID%3D00000c9872d85829%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaR7GdgWZHD1mi-Q-2Csp4p4M_5OQ&abxe=1&dt=1697305546347&lmt=1697298346&adxs=286&adys=1927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ref=http%3A%2F%2Fbraincandy.net%2F&vis=1&psz=1027x0&msz=1027x0&fws=4&ohw=1600&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=true&dlt=1697305545346&idt=742&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&adks=139572988&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19591c7c918111c858dea69c3dacccca129a8ae9518da8c304b958a8b39529b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859897920363816&correlator=720590647295431&eid=31078819%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_leaderboard_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De90a42f8ea851c89-22808c7b92e400ab%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaOwqBKgDBP7IRzih2FR0ceAqKWCw&gpic=UID%3D00000c9872d85829%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaR7GdgWZHD1mi-Q-2Csp4p4M_5OQ&abxe=1&dt=1697305546361&lmt=1697298346&adxs=249&adys=315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ref=http%3A%2F%2Fbraincandy.net%2F&vis=1&psz=761x-1&msz=741x-1&fws=4&ohw=765&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=true&dlt=1697305545346&idt=742&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&adks=519834287&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99dba73b4476a73af9f50b2ebf4b24efd8982eb26b6928cc9701e4574a441f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14728
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859897920363816&correlator=3571559692553438&eid=31078819%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_skyscraper&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De90a42f8ea851c89-22808c7b92e400ab%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaOwqBKgDBP7IRzih2FR0ceAqKWCw&gpic=UID%3D00000c9872d85829%3AT%3D1697305546%3ART%3D1697305546%3AS%3DALNI_MaR7GdgWZHD1mi-Q-2Csp4p4M_5OQ&abxe=1&dt=1697305546371&lmt=1697298346&adxs=1029&adys=377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&ref=http%3A%2F%2Fbraincandy.net%2F&vis=1&psz=320x-1&msz=318x-1&fws=4&ohw=1600&ga_vid=1891901609.1697305546&ga_sid=1697305546&ga_hid=1748508719&ga_fc=true&dlt=1697305545346&idt=742&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&adks=1740462161&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a027d6861ec0e191b574a49c08e88c350e832c20bac20963506fb3371025398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12080
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync.html
cdn.ex.co/sync/0.0.1-1082b4e/ Frame CACA 		370 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C106016094&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
must-revalidate, proxy-revalidate, max-age=24095, s-maxage=31536000
content-encoding
gzip
content-length
255
content-type
text/html;charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
etag
"6c913cf53e2f19bb85cbce59bc48565f"
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sync-4b7ae961.js
cdn.ex.co/sync/0.0.1-1082b4e/ Frame CACA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C106016094&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f

Request headers

Referer
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C106016094&gdpr=0&gdpr_consent=
Origin
https://cdn.ex.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
1365
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
etag
"ea77f73013f99623af0cfc02bdf7a34a"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:46 GMT
cookie_sync
sync.ex.co/v1/ Frame CACA 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/cookie_sync?network=368531133%2C106016094&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
67a7539e8990fa31d741a9bb47eb0edc6f98b258bc709fcce29d7626e8983236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.ex.co
date
Sat, 14 Oct 2023 17:45:46 GMT
access-control-allow-credentials
true
content-length
1929
vary
Origin
content-type
application/json
a-01lm
i.liadm.com/s/c/ Frame 36D9 		602 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01lm?s=&ps=true&ls=true&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&euns=0&version=sc-v0.3.15&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.2.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-2-218.compute-1.amazonaws.com
Software
/
Resource Hash
86b35b361191142c58558a79e7beab10d554c65b1d42b90ed7b02feaa4f01791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
422
Content-Type
text/html; charset=UTF-8
Date
Sat, 14 Oct 2023 17:45:47 GMT
Request-Time
3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.braincandy.net/ 		0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.braincandy.net/baker?dtstmp=1697305546626
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:200:1e:cbf7:e640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
0
x-amz-cf-id
vhgs4XWzAzV7atITy8ItK6vocvloyUa5lVTR8Y2jW9HmjT1AtYmKlw==
7D3119
api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/ 		163 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/7D3119
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.12.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
bf05350af6e8d159a65b2878e2cacb00a9176d0b5652f9d2beeb5706e11b06b0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://braincandy.net/
x-spotim-device-uuid
5c353721-3614-46a4-b17c-d827770cdc64
x-spotim-page-view-id
54c23143-9a14-4776-a136-b0f667a57e76
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
163
x-request-id
81771de6-6ab9-11ee-b880-86289a55408a
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
2FmRkOhhQDfJb_i4WO8T8voGF6A2F4eASiLwWPI57Yr9R3E2thl1_Q==
7D3119
api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/7D3119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Sat, 14 Oct 2023 17:45:46 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-id
bZcMfutPvwsTTyF5ueQeAXfi9kAJMO0B1uvAoj1nCPcO8QgTfPQTrQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame A20C 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: braincandy.net
URL: https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
14704982
cdn-cachedat
2021-08-03 04:14:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6358afe6e12aefed963ad27f3935d6d1
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8161a3534c1c193f-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame A20C 		2 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: braincandy.net
URL: https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cadbfff60ae673d4c55b6236da6413593e6ad5c30e764170f07ac0bba8836ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
css
fonts.googleapis.com/ Frame A20C 		750 B
378 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: braincandy.net
URL: https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2b0e37bd40774b388c384dfc2259f6ebc4f5539ec528ce4fbff9a2d1d2d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:00:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame A20C 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/sendEmail.asp?c=7D3119&sw=1600&dName=&title=Which%20Pixar%20Movie%20Is%20the%20Right%20Pixar%20Movie?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 06:17:33 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 29E1 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
14704982
cdn-cachedat
2021-08-03 04:14:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6358afe6e12aefed963ad27f3935d6d1
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8161a3534c1f193f-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 29E1 		2 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cadbfff60ae673d4c55b6236da6413593e6ad5c30e764170f07ac0bba8836ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
css
fonts.googleapis.com/ Frame 29E1 		750 B
378 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2b0e37bd40774b388c384dfc2259f6ebc4f5539ec528ce4fbff9a2d1d2d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 16:41:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
css
fonts.googleapis.com/ Frame 29E1 		419 B
321 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089ca7c196871f14a5e353f41c417ef7bd6db262c7df9590a7f33e044f89c701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 16:53:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
signupMain.css
braincandy.net/css/ Frame 29E1 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://braincandy.net/css/signupMain.css?4545
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN4213 (EVOCATIVE-GLOBAL, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1aaa4dbeb17bda24b86aff296cc9ab4c02e5aa6d36f0c7de9a878c46d179963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/signup.asp?c=7D3119&sw=1600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 19:29:57 GMT
server
Microsoft-IIS/10.0
etag
"80a8a898ada3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2508
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 29E1 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 06:17:33 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ Frame C1C4 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/playNew.asp?id=f7022538-b5b5-46a7-9f85-31cabc8d83a8&ia=nancyg15/slinky-and-rex-are-from-which-pixar-movie-&m=&c=7D3119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 00:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Oct 2024 00:20:15 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame B503 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame B503 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame B503 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame B503 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame B503 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
truncated
/ Frame B503 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
958993d96b69d9a02da7da8b3ce21bd7dbf7c0ce0beea89da09496fc0466a074

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
1207620159598977211
tpc.googlesyndication.com/simgad/ Frame B503 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1207620159598977211?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmIAl1RUBpeDB5-erUOFPDuF77Kdw
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de86e5f5fa94855e4bf620522e8fbef506808812bb27814d7375fd89cc9f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 08:20:05 GMT
x-content-type-options
nosniff
age
33941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90225
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 11:41:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Oct 2024 08:20:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B503 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73589
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 14 Oct 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B503 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73589
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 14 Oct 2023 21:19:17 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 29E1 		198 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Oct 2023 17:45:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
EFvaXtUTeaNuRXo1lVvN50oJwhqFP6QSo66n6bxYudhj6GFR5TjkOYZK8s57OY2vsb03GsMTQwEK4FKXSFtRug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
embed.playbuzz.com/ Frame C1C4 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.playbuzz.com/sdk.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/playNew.asp?id=f7022538-b5b5-46a7-9f85-31cabc8d83a8&ia=nancyg15/slinky-and-rex-are-from-which-pixar-movie-&m=&c=7D3119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc4ac67ce73afa5c451da91a810141b264e80ad994245f86fdf0e01fdaf0b5ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:46 GMT
via
1.1 varnish, 1.1 varnish
age
275053
x-cache
HIT, HIT
x-surrogate-key
SDK-for-external-purge
content-length
10684
x-served-by
cache-iad-kjyo7100039-IAD, cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1697305547.897560,VS0,VE2
etag
W/"b1cc-VP4mUOxHrWStb+4qoHshKV7Xzes"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
26, 1
136604453636163
connect.facebook.net/signals/config/ Frame 29E1 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/136604453636163?v=2.9.134&r=stable&domain=braincandy.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbb00b5bfb2b3fbca7a51c41963b6f3a7215180d8841d2f58a147f2608372764
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Oct 2023 17:45:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35163
x-xss-protection
0
pragma
public
x-fb-debug
H+6/I00Rqcilqso2F7bmIjJxdeCNpT0ZSNeY2j+d+JIQTXgoCFLQ6Js+qt7oJBl+JT2a19yv8ZEHj63Omchiiw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame C532 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C532 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C532 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C532 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C532 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C532 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73589
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 14 Oct 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C532 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73589
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 14 Oct 2023 21:19:17 GMT
truncated
/ Frame C532 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8e24ae7909de25f1fc203f4fb5b7c1479f12bf741659d83dc64bc0acdb70016

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
13306316043550734077
tpc.googlesyndication.com/daca_images/simgad/ Frame C532 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13306316043550734077
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a602e303fbe5b5ec73ec29709b73eb4435daf17afa71fb25d725f2d2547453e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:18:57 GMT
x-content-type-options
nosniff
age
8809
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17722
x-xss-protection
0
last-modified
Mon, 23 May 2022 10:45:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Oct 2024 15:18:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame BD69 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame BD69 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame BD69 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame BD69 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame BD69 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:47 GMT
age
347519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:47 GMT
css
fonts.googleapis.com/ Frame BD69 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:26:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD69 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73589
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 14 Oct 2023 21:19:17 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD69 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:19:32 GMT
x-content-type-options
nosniff
server
cafe
age
37574
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Sun, 15 Oct 2023 07:19:32 GMT
truncated
/ Frame BD69 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BD69 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93942ee84db05d090872fb3bb4a3872e179fd86a71eec48b8e576474ea0ad844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame 29E1 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136604453636163&ev=PageView&dl=https%3A%2F%2Fbraincandy.net%2Fsignup.asp%3Fc%3D7D3119%26sw%3D1600&rl=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&if=true&ts=1697305546906&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697305545822.1179401612&it=1697305546850&coo=false&rqm=GET
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 14 Oct 2023 17:45:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B68 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110094
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
Mon, 16 Oct 2023 00:20:40 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 8348
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
2 KB
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53cb24df239039f646add3d27e957daa0699fbd3745ee081a6dfd11c4a09425

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8161a3548ce51cc1-FRA
content-encoding
br
content-type
text/html
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5FUOMfWnfCHk%2F%2F%2Bf48gLb4%2FKeOZBrZNmrEknFRSOf9Rlvpiq84fZvOj8AZ%2BNyY1vgT2PtkqcPM%2FC9ZD423lyshLDArwdL77hitsMkZ8uUWt1aOlCbzyv0c4oo2VftC6mzGooKT5uUmFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8161a3544c7c1cc1-FRA
content-length
0
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm61KI20FnzbwsOu%2FgPfh6ei3aQL9f3P4BRykUsJjAQZOFulO9q0%2BSWN%2B6MYpZ86VccpzdaFDE6LMCoE7Q5BrUA0%2BxmMdlOBzbM3xk%2BDVYpA4ZkiWDbMWcZupDUgUUsExBvO8oQYjvVgww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 902C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 14 Oct 2023 17:45:47 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 14 Oct 2023 17:45:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
server
AkamaiGHost
pbs-user-sync
ads.stickyadstv.com/ Frame 3F58 		317 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-5.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b9109c766dc0160b4ce5ecb62f225f5eb3aee3150533364065359dee8f991d75

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
317
Date
Sat, 14 Oct 2023 17:45:47 GMT
Expires
Sat, 14 Oct 2023 17:45:47 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1697305547249047-378
sync
ssbsync-global.smartadserver.com/api/ Frame 7087 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 14 Oct 2023 17:45:46 GMT
setuid
sync.ex.co/v1/ Frame CACA
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e1bea98-5a3c-49b4-92d8-4785c8d9e420
86 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e1bea98-5a3c-49b4-92d8-4785c8d9e420
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e1bea98-5a3c-49b4-92d8-4785c8d9e420
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dmp
vop.sundaysky.com/sync/ Frame CACA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsundaysky%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-233-50.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
43
expires
Sat, 1 Apr 2000 00:00:00 GMT
setuid
sync.ex.co/v1/ Frame CACA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1697305547108
  • https://ad.turn.com/r/cs?pid=45&rndcb=3358920616
  • https://sync.1rx.io/usersync/turn/2577741385566063339?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-3d240...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003
86 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003
date
Sat, 14 Oct 2023 17:45:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3d240d029c5c4903811aa156fc5b4710003
content-type
text/html
setuid
sync.ex.co/v1/ Frame CACA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6901398141378280120
86 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6901398141378280120
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
an-x-request-uuid
3c2dfffe-4117-49c0-adc0-06dc51419d8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6901398141378280120
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame CACA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 14 Oct 2023 17:45:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 14 Oct 2023 17:45:46 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		23 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=1401845022&cb=d7779111-0d77-4cea-b160-911e580a0a68&d=https%3A%2F%2Fbraincandy.net&schain=1.0%2C1%21playbuzz.com%2C0010J00001s1sJeQAI%2C1%2C%2C%2C&w=743.671875&h=418.3&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=3.57.0-3827f5e&pub=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
9fa4c56c7d77b76d292f095251eb03edecd2ea93793517fc6505e40656a49ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 14 Oct 2023 17:45:47 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Sat, 14 Oct 2023 17:45:46 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%225a5f5537-9b9a-4215-ae7%C4%97edd9cdb00b%C4%A9%22,%22country%C4%8D%22DE%C4%B2%22browser%C4%BCch%C5%83me%C5%80os%C4%BCwind%C5%84%C5%91%C4%B3networkI%C4%8C%C4%8E10601%C5%A694%C5%80hu%C4%8D%C4%B9ue%C4%B3p%C4%BC14%C5%A7845022%C5%80%C5%A2%22https://%C5%82a%C5%94ca%C5%95y.%C5%9At%C5%80u%C5%86r%C5%A1%C4%BCezojkt0mw6l3qn%C5%9E%22}
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.64.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-64-86.compute-1.amazonaws.com
Software
/
Resource Hash
b0c3d8af40cf21c9e5be531d89c120a2fa402a2050842fa43ac8379b7cccfca2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"698-EBpcJt3yViyD4X354NnDWg"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1688
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BD69 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
376588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 09:09:18 GMT
story-viewer.js
static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/ Frame C1C4 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
45745db6a137b469e44e00d469622072b166e516122635d284d5039573b79ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
147920
last-modified
Wed, 31 May 2023 10:50:44 GMT
server
AmazonS3
etag
"0ddd126da642b6521b6b0e1b638cf1ed"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B503
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
events
prd-collector-platform.ex.co/main/ Frame C1C4 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.59.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-59-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
html
embed.playbuzz.com/ Frame C1C4 		168 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed.playbuzz.com/html?id=f7022538-b5b5-46a7-9f85-31cabc8d83a8
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b944c35a670304f91362be29db5c48c02aba9dc2ce88eae623070e57340e02c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:47 GMT
via
1.1 varnish, 1.1 varnish
age
9679
x-cache
HIT, HIT
x-pb-os
windows
x-pb-platform
desktop
x-surrogate-key
f7022538-b5b5-46a7-9f85-31cabc8d83a8 story 12313cf8-5f5a-40e9-ba07-f42f8c46fb0a 098d4e5b-6fe2-4da2-9275-8682bc20faec braincandy.net playbuzz7
content-length
31943
x-served-by
cache-iad-kjyo7100142-IAD, cache-fra-eddf8230106-FRA
server
nginx
x-timer
S1697305547.038360,VS0,VE89
x-pb-browser
chrome
etag
W/"2a109-diq5q6P5h7L0Wscpf+pkgisbWEY"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
6, 1
all.js
connect.facebook.net/en_US/ Frame 29E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: braincandy.net
URL: https://braincandy.net/signup.asp?c=7D3119&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65e395eaf483bab73e06fff53895325935aca59a890d417a35e9b2164ac4bbff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:46 GMT
content-md5
uClMNyCx0crwcuYblDMupQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
k2JnugpJF+M4sIQGgMa7+YjgEZ0qHvVQTpdO0+lI0gXhFkYYdwEUBG5OAfEd4Ns9bM8RxNMeuyH8TDaeYnfSJA==
x-fb-content-md5
f6c0a183c2b1b7751ce4074312673305
cross-origin-opener-policy
same-origin-allow-popups
etag
"2806d6bbcc315397a3461040decfbb11"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 14 Oct 2023 18:03:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C532
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 8348
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 14 Oct 2023 17:45:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QG38QDYHEZPR2RKYVD3J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 14 Oct 2023 17:45:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3G4SDQ4C7TQB8J4YH5Q8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8348
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDh2dIvuTRmkEU5fWcZ99zc&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDh2dIvuTRmkEU5fWcZ99zc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQNoaqImMp4WBcrtl4Z%2FeK6SlO6dhMaDz1YKB8IvlAkAg367%2F5BMHbPjqRrVfITc1ESaJvXVCwzeRGKdbKi3gqYW1sNE%2FR6yOGu2s9Gzb%2FIGEG7MvCPUEVqQ%2Fl%2Ft8l3C7%2FwzRk1dchACsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a355d9e19bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDh2dIvuTRmkEU5fWcZ99zc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8348
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSrTyqea3MnFZ2zVi6Y1jAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOHL4fxzYf2DoXAxoGZpmo&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOHL4fxzYf2DoXAxoGZpmo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNvpbfBJojctuokARQc4V1uhFIcRZvOKN4HhzzPALVzkrEbEpQ6jUP3UONMUbyzLKt53WvDu3YXLT%2FrJ9eXQApUS3CRQr1PcjHBxaw%2FnudcdXpFobGQiYBfBDa%2FqKqukSv5eHsrzzKRrOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a355d9e39bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBOHL4fxzYf2DoXAxoGZpmo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8348 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8348 		0
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 8348 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 8348
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2577741385566063339
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2577741385566063339
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9xfct4F%2FK72m1aEAxhKlqs9vnJBtqA2lEbzYUyTwqcqvF3Xh60hO0lIfXdAIZ8qroxJDEXTlcdZ30YKXk%2BDogfyfpyVrgRnqZ1zweZG7qLqYsaWPTgjBB4tnXO9SP5SelaWZoAADPtQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a355d9de9bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2577741385566063339
pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame 8348 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-1
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.ex.co/v1/ Frame 8348 		86 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame BD69
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6B68 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65715528&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
68031755c4fdafd7d6052543494d9babe8d922afad6d3ab44107639520e9590e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all.js
connect.facebook.net/en_US/ Frame 29E1 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=b136230279b83ba4c4d1dabc8db3ad78
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6c88ed56ad5d14c3e56085839ad254a43184549a6710bcd9f61cd3c929f7c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://braincandy.net/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:47 GMT
content-md5
6P09rvH9V0S60zUf0L8ZTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87640
x-fb-debug
R7lwXqvMYiH7Um3t7NAszskVlbCNDmeKXwMQ5p23FskA8KaUmHgEGyB3H8M3lxKCL7rx302RsAaGciCIdlPLTw==
x-fb-content-md5
8c75387a0ff5cd6ddacbca9629af0276
cross-origin-opener-policy
same-origin-allow-popups
etag
"b719d63ebc7381b4f96b2e01040b577c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 13 Oct 2024 17:10:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B503 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf0FtytMqZfO2GbHnmLAPlZma6AbP_eHFc6TNpdG0EmQQASCEoo4nYJWCgIC8B6ABhtfXvQPIAQKpAt71OhnkobE-4AIAqAMByAMIqgSoAk_QN-sOvH2waMt5GzmZpSaqPH9yCnJ9AhhGOlWf03edmoSTbVXi7z7L8k2D7JClCR5yOKEG5vqvMyojguuDZX7QNAOy8tNBJIP525yrokRhZuemTBaeKe9KzggvExgNDHGNHMY3mJNpQCc0wrM5wbCXrqhpaRJHHTvz-7BxsEgRx8jq4Xe1UDWkXCvEylazxJM9pHR5D5CdrcYfKin5TSwD1a5ll8gm15P3FdznFZP3CuxQ6iiZt4QaTT39bL21to9DbxzvhGIr-E2weyMG-vEsIPXzSsjgaQhOuWLqzQ0367DpujXJvyfq_0rsr0OufN7bsnBiUGd8UQfgSZ-gx-8L-7WyvjF_73kXxdewgaSWOd0iwT9F8ZsuI6NXz7pU6UcxPnjzUKC1wASIlbbQkQTgBAGIBYO-4NdEkgUECAQYAZIFBAgFGASgBgKAB-KoqEKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDb6w_SCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgk-aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vejAxLWxlLW10ci1iMDIzZj92b3VjaGVyPXNwZWNpYWyACgPICwHiDRMI9sWs8Yv2gQMVsTMGAB2VjAZt2BMN0BUBgBcBshceChwIABIUcHViLTMyOTc2NjAxNTcxMzM5MDgYnKUd&sigh=pOkRqCQVjcw&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNr7RFRSEmmLnnjYiQZpxcspjwIBWr2A7DlLbX7qfqbvdtPO9aBVonrYVe_I2CXKO3UPILyavjaGR5jRAOfa6b2C08LoqPJFwYAQ&cbvp=2
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 902C 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb4ff07f2d3b939a0605988e573a3b54d612ac7e2f839109e7d279800a9b3cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:47 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Oct 2023 00:56:49 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25835
Connection
keep-alive
Content-Length
10838
Expires
Sun, 15 Oct 2023 00:56:22 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 36D9 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&ps=true&ls=true&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&euns=0&version=sc-v0.3.15&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191898
expires
Sat, 14 Oct 2023 00:00:00 GMT
a-01lm
i6.liadm.com/s/c/ Frame 36D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-01lm?duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&ls=true&ps=true&version=sc-v0.3.15&s=&euns=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&ps=true&ls=true&duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y&euns=0&version=sc-v0.3.15&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550a:b341:11f2:35f0:bbbb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BD69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CD4VHytMqZdrMGIeG1gaNoZPQAYWA3sVz0sjXyJkSZBABIISijidglYKAgLwHoAHtjYiOA8gBAakC3vU6GeShsT7gAgCoAwHIAwqqBKwCT9AW3qKTEglBM50PSngvBbh4_A66JLOiTSvjYby5Q7tq-xH6PU-20nLmvb_Wle7trnWzTwuoQ9FKU4MbfGH2XD3dkgvkcKxUi-CA2Ac7OCJH_BISPNxkO0UtnS8aOj5T5YtvFH2ujDQd0hiw2FJPwjMZEQ76A4FmpzhtD5D40aBymUCiHLkOig75k08Ai0MRbJKIsIVHaYEZvUyk5V-_qWKOOu68mqZdOuFVXK24eH6dEhKm6GJv0fwhxmUSywifMhpnlbK0epQtuJEJspRXx8okeAbg_XYB5aB8ISHIcsmXEL_V90vgZUno2yryyaHWOqImzP4VB0mpKrLV_-hXerPBz9gLhB8q0QXRKQHr9inXnAxJSn8ONujGef_uAfFEyu6zcBP9NGPpJUJzwASMtLf9lQTgBAGIBaLsuahGkgUECAQYAZIFBAgFGASAB_vx93GoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDl8gLSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mglMaHR0cHM6Ly93d3cuYjEyYW5rZXJtYW5uLmRlL3ZpdGFtaW4tYjEyLW1hbmdlbC9zeW1wdG9tZS8_ZGlzcGxheWNhbXBhaWduMj1vboAKA8gLAeINEwj56qvxi_aBAxUHg9UKHY3QBBrYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzI5NzY2MDE1NzEzMzkwOBicpR0&sigh=U9SVpH_7TVc&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNoh5MjF3YoBgPloBXeA6KkwXq-ldb_0Fj8Q5B9zsXFrqaEhKmduajnhRERbjuDll2NJBA14fj05Mbv-Um3H2IOC3KL0jAzhgYAQ&cbvp=2
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C532 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_SMMytMqZfe8F8u2mLAP8Ju8qA731qGdc8roldzFEN7ZHhABIISijidglYKAgLwHoAG4w8ODA8gBAqkC3vU6GeShsT7gAgCoAwHIAwiqBLQCT9D9z5GvT4Gc_XFcIgfhB5nQ9NEnCcKdge0fqBhDgZpU-GtUCwMHjEdhTCXiwGB6mUYTcEJu9O65VD0YuPw9bQT_UljRgB7QZ4kG3KAB9J4zyGRImbY2qRnfoqiV-gDfpfh0Mg3_3tdbtahcJCKlkIjwuPLVad-jrXeMgVSrWyBC2w44q5TpCR-X9O1HMPgSA8PKauNrBlC6AzG_CH46MLf8OHcOqnQmdGuqwlu3s-0y_nm12VDqOt8uxyRoeI3ixvK7wS_oiiMSv0tgX1hTJsWo4p3m9Tgfse6E7Df2jBCLMdGMZNAz8R7UME1cD2lX-OnRtzL_egY6f_l5atci4giVc3gYUYaKdmYDHcgkGQ97MkiXR4DK_gRyKSJ-U9Of_dDY3nNu-Bs4PrmxtxEp1rVrt1TABNa326OcBOAEAYgF8JmknUSSBQQIBBgBkgUECAUYBKAGAoAHgtS1RKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPfdCtIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCdEBaHR0cHM6Ly9pbnRlbGxpdGVzdC5tZS9kZS9rbm93bGVkZ2UvUTRVWFc_bXQ9MjMwMDI0MyZ1dG1fc291cmNlPTYyJnV0bV9tZWRpdW09Z2RuX2NvbG9yX3Rlc3RfaW50ZWxsaV9jb2xkX2RhY2gmdXRtX2NhbXBhaWduPTIzMDAyNDMmb2ZmZXJfdXJsX2lkPTIzMDAyNDMmdXRtX2NvbnRlbnQ9YnJhaW5jYW5keS5uZXQmZXh0X2lkPWJyYWluY2FuZHkubmV0XzIzMDAyNDOACgPICwHiDRMI7L2q8Yv2gQMVSxsGAB3wDQ_l2BMM0BUBgBcBshceChwIABIUcHViLTMyOTc2NjAxNTcxMzM5MDgYnKUd&sigh=OP_67OJ3OsI&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNNTQDJBKJFRq1h_fkfCZVNfexbCgfMYWd9uyEx8zn-zV-UjrvAdW78VDDiMNPLLb-rS8Y9865qngLHzbyZcx6j4DkbKtEk1AYAQ&cbvp=2
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
khaos.json
token.rubiconproject.com/ Frame 902C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
status
www.facebook.com/x/oauth/ Frame 29E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fbraincandy.net&client_id=499465110243251&input_token&origin=1&redirect_uri=https%3A%2F%2Fbraincandy.net%2Fsignup.asp%3Fc%3D7D3119%26sw%3D1600&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b136230279b83ba4c4d1dabc8db3ad78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
d4gtrYbRZvtrYOA9j1WscVr5tZjm/1rm4++cXWJV6ecv/onJgU8W/dqirE0mYh+ZR2STOzHmoHzqErd9H7UiLg==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
roboto-poppins-fonts.css
static.ex.co/cdn/fonts/google/ Frame DB14 		3 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/cdn/fonts/google/roboto-poppins-fonts.css
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573578494667f15a89f574fedfab20b31e6aaee9179ee9d02bfb1713ec1b37c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
659
last-modified
Mon, 22 May 2023 14:45:59 GMT
server
AmazonS3
etag
"4d43338904c64143444b4f1fdc1dd074"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
css2
fonts.googleapis.com/ Frame DB14 		2 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Chivo:wght@400;700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
464573ecd97a3c56be074a2ee2c1893f3e181d76ac1bd336a73cb5102ee9b4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:45:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:47 GMT
events
prd-collector-platform.ex.co/main/ Frame DB14 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: braincandy.net
URL: http://braincandy.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.59.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-59-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
story-viewer.js
static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/ Frame DB14 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
45745db6a137b469e44e00d469622072b166e516122635d284d5039573b79ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
147920
last-modified
Wed, 31 May 2023 10:50:44 GMT
server
AmazonS3
etag
"0ddd126da642b6521b6b0e1b638cf1ed"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
playbuzz-ads-core.min.js
static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/ Frame DB14 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
content-length
11811
last-modified
Wed, 03 Jul 2019 05:57:43 GMT
server
AmazonS3
etag
"b2294dab735d3cbca7a404cdee3e7490"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
pixel-sdk.min.js
static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/ Frame DB14 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
2969
last-modified
Tue, 12 Sep 2023 10:11:48 GMT
server
AmazonS3
etag
"c1e834ba9e137083fcb25e378b5d9bf1"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5C80 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
Sat, 14 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
211377
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8A43
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 14 Oct 2023 17:45:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EGWJ3QK5PPJXYDCP83R3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 14 Oct 2023 17:45:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XSQ96WAKNGD3GZ8D71FE
Pug
image2.pubmatic.com/AdServer/ Frame 8647
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 14 Oct 2023 17:45:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 41A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6901398141378280120&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6901398141378280120&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d7390f8b-1dc3-4d9d-8222-5ccd1cadd461
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6901398141378280120&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E518
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289871815694743698&gdpr=0&gdpr_consent=
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289871815694743698&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 14 Oct 2023 17:45:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289871815694743698&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 8DF5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjLp6upBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEIHU3dBquRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGQ5NzA2OWFlLTE0ZDMtNDllNC1iMDdiLTMyMWNjYWM4NjZhZg**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=81d4ddd0-6ab9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=81d4ddd0-6ab9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.97.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-97-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:47 GMT

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 17:45:47 GMT
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=81d4ddd0-6ab9-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=d97069ae-14d3-49e4-b07b-321ccac866af
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 180C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 17:45:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0INoe5JwVz9c6yAyaNKsLNly2hs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 87E3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 17:45:47 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 347E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSrTywAX3gUUswAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 14 Oct 2023 17:45:47 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220052-FRA
x-timer
S1697305547.442136,VS0,VE88

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 14 Oct 2023 17:45:47 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSrTywAX3gUUswAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220052-FRA
x-timer
S1697305547.316933,VS0,VE106
Pug
image2.pubmatic.com/AdServer/ Frame 2763
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdklFN0tWYWdBQUJqbmV6ZXNEZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEvIE7KVagAABjnezesDg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEvIE7KVagAABjnezesDg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEvIE7KVagAABjnezesDg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2913900273055427010&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEvIE7KVagAABjnezesDg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEvIE7KVagAABjnezesDg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 14 Oct 2023 17:45:47 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEvIE7KVagAABjnezesDg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2954
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 14 Oct 2023 17:45:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 4B82
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbf6174feb14e4b24961922853e2c8e3b
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbf6174feb14e4b24961922853e2c8e3b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbf6174feb14e4b24961922853e2c8e3b
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame E979 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:47 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 04DC
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9039262152919640350
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9039262152919640350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9039262152919640350
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 6D8B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730299425128
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730299425128
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 14 Oct 2023 17:45:47 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730299425128
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cm
ipac.ctnsnet.com/int/ Frame 4B11 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pubmatic
ad.mrtnsvr.com/sync/ Frame B39A 		0
0
cookiesync
core.iprom.net/ Frame C304 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 14 Oct 2023 17:45:47 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-03e768099f2f@version_1.573
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 1841
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b95ee0e249e516a8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRVnnanXWRnVbUgS&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRVnnanXWRnVbUgS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:20:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRVnnanXWRnVbUgS&gdpr=0&gdpr_consent=
setuid
sync.ex.co/v1/ Frame B280 		86 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Sat, 14 Oct 2023 17:45:47 GMT
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v67g06H_T_qJdVXz1l7HjA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=110093
accept-ranges
bytes
content-length
5606
expires
Mon, 16 Oct 2023 00:20:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 6B68 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.179
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 6B68
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2880216118
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
via
1.1 google
last-modified
Sat, 14 Oct 2023 17:45:47 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
date
Sat, 14 Oct 2023 17:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 6B68
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWFhVjBYSzNUVVJUUGVrMFR5M1gyZ1FQQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7550100756346093214&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.44.10.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-10-91.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkZBRUUwRDMtQTFGRi00RkZBLTg5NzUtNTVGM0Q2NUVDNzhD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ_xk4_qL6QJOB4-85XY_6k&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ_xk4_qL6QJOB4-85XY_6k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ_xk4_qL6QJOB4-85XY_6k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6B68 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 13 Oct 2023 17:45:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7550100756346093214
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7550100756346093214
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7550100756346093214
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 6B68 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
server
Kestrel
content-length
70
content-type
image/gif
BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6B68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/58292/ Frame 6B68 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6B68 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2577741385566063339&gdpr=0&gdpr_consent=&us_privacy=
1 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2577741385566063339&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 14 Oct 2023 17:45:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2577741385566063339&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6B68 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:955ac8f3-81c0-4bd0-80b1-f5ee2af90f34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:955ac8f3-81c0-4bd0-80b1-f5ee2af90f34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:955ac8f3-81c0-4bd0-80b1-f5ee2af90f34&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 14 Oct 2023 17:45:47 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
pixel.ex.co/v1/playbuzz-network/ Frame DB14 		2 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/playbuzz-network/
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Sat, 14 Oct 2023 17:45:47 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
1135
x-cache
HIT
content-length
2
x-served-by
cache-fra-eddf8230121-FRA
server
nginx
x-timer
S1697305547.311965,VS0,VE0
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
28
f7022538-b5b5-46a7-9f85-31cabc8d83a8
pixel.ex.co/v1/item/ Frame DB14 		1 KB
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/item/f7022538-b5b5-46a7-9f85-31cabc8d83a8
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:47 GMT
via
1.1 varnish
age
0
x-cache
HIT
content-length
458
x-served-by
cache-fra-eddf8230121-FRA
server
nginx
x-timer
S1697305547.311963,VS0,VE358
etag
W/"5c6-O3zrPZgNio3Vn+SHXFpF671qpQI"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 		157 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/reactive_library_fy2021.js?bust=31078802
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ae6a4f45064a2e9bd70b637423dd0fd1c9f949497db47cfc3337b8364320ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54894
x-xss-protection
0
server
cafe
etag
15918948725040150940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8B88
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9a1979cf339d7a7c377a9722a42e137&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7291002322987976104&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:47 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sat, 14 Oct 2023 17:45:47 GMT
Expires
Sat, 14 Oct 2023 17:45:47 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1697305547676068-575
setuid
sync.ex.co/v1/ Frame 3ED7 		86 B
539 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=9a1979cf339d7a7c377a9722a42e137
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Sat, 14 Oct 2023 17:45:47 GMT
vary
Origin
starti
s-114.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-114.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fbraincandy.net&se=bbb3acdf-cf9a-4408-96cf-b5f3c4eab0c8&pv=117.59&dd=braincandy.net&gpvck=v022828842__743x418______DEF__nil__357&sa=shd&s=0.0&p=1401845022&cb=1697305547513
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
xdomain_cookie.html
embed.ex.co/ Frame 8BC7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.ex.co/xdomain_cookie.html
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
access-control-allow-origin
*
access-control-max-age
600
age
9767
cache-control
public, max-age=0
content-encoding
gzip
content-length
1228
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 17:45:47 GMT
etag
W/"a93-1884cd70138"
last-modified
Wed, 24 May 2023 08:18:59 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
12, 1
x-content-type-options
nosniff
x-served-by
cache-iad-kjyo7100095-IAD, cache-fra-eddf8230080-FRA
x-timer
S1697305548.619571,VS0,VE93
trivia-viewer.js
static.ex.co/pb-story/trivia/production/0c036502eaf7b6c040dd358b9757a1cf75a4fc4a-2023-05-31-10-48-14/ Frame DB14 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/trivia/production/0c036502eaf7b6c040dd358b9757a1cf75a4fc4a-2023-05-31-10-48-14/trivia-viewer.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
640938121f0b348ec4da0771b5467f86c5400fc64e8bd449e01693dd0807f066

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
20986
last-modified
Wed, 31 May 2023 10:48:15 GMT
server
AmazonS3
etag
"be6f90dc441ed740edc7cf0a88218ab6"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
trivia-viewer-svg.js
static.ex.co/pb-story/trivia/production/0c036502eaf7b6c040dd358b9757a1cf75a4fc4a-2023-05-31-10-48-14/ Frame DB14 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/trivia/production/0c036502eaf7b6c040dd358b9757a1cf75a4fc4a-2023-05-31-10-48-14/trivia-viewer-svg.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf77a1fa2302f84eda2e622959e0ba7e78ad3355af7fb2d6b3645d767c039c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
949
last-modified
Wed, 31 May 2023 10:48:15 GMT
server
AmazonS3
etag
"a9ca78bb79229c50198616b18ae01a81"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
adwords.js
mcd-sdk.playbuzz.com/ Frame DB14 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mcd-sdk.playbuzz.com/adwords.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
18e6326b91d3429b8d1c250ccfa1b6422671a95cf052d8d2951d2feacd5d7f70
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 802A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 02:32:43 GMT
etag
6119613530591461916
expires
Sat, 28 Oct 2023 02:32:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame B2F2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=braincandy.net&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 02:32:43 GMT
etag
6119613530591461916
expires
Sat, 28 Oct 2023 02:32:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
va9I4kzIxd1KFrBoQeM.woff2
fonts.gstatic.com/s/chivo/v18/ Frame DB14 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Chivo:wght@400;700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:40:07 GMT
x-content-type-options
nosniff
age
111940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31216
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 15:51:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 10:40:07 GMT
vqlhimyr5ikas205g9jv.png
img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1697064035/ Frame DB14 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1697064035/vqlhimyr5ikas205g9jv.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f3f82cb3284225e8134e4fb22699b90ddc1a943b82b955ffdd83601e4c5776a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
x-amz-meta-cld-surrogate-reporting
width=640,height=360,bytes=30544,owidth=1283,oheight=855,obytes=1717574
x-amz-request-id
MJ9KZ8375WBR8Q08
x-amz-meta-cld-transformation-id
6722675133246579449
x-amz-server-side-encryption
AES256
x-amz-meta-cld-version
1697064035
x-amz-meta-cld-surrogate-key
320938310573974399450684566794596394377 461140603397644067432555687153388599740
content-disposition
inline; filename="vqlhimyr5ikas205g9jv.webp"
content-length
30544
x-amz-id-2
kXst5AFhtVRVWDKIYsj1lxUIKMimmJeEwlR43NUTg8wcFln2HvVUec3LoBdECyOSK6YcZqIZDMiNUJwsimKS8g==
last-modified
Sat, 14 Oct 2023 02:09:28 GMT
server
AmazonS3
etag
"b6fc8898d7e1604f5e9cd38b1c2af18a"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31517660
accept-ranges
bytes
expires
Sun, 13 Oct 2024 12:40:07 GMT
template
ads.playbuzz.com/api/v1/ Frame DB14 		19 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.playbuzz.com/api/v1/template?itemId=f7022538-b5b5-46a7-9f85-31cabc8d83a8&referrer=https%3A%2F%2Fbraincandy.net%2FplayNew.asp%3Fid%3Df7022538-b5b5-46a7-9f85-31cabc8d83a8%26ia%3Dnancyg15%2Fslinky-and-rex-are-from-which-pixar-movie-%26m%3D%26c%3D7D3119
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f3d6e6e9f0f99b3076b9f92c227fbaf95f00f6418b03bcdb2324069b1a3f332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
3219
x-served-by
cache-fra-eddf8230053-FRA
server
nginx
x-timer
S1697305548.696395,VS0,VE310
etag
W/"4d5b-1gB3YCIZucaezkOpGJmYmA"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
vary
Accept-Encoding, Origin, x-pb-country
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0
1235.json
id5-sync.com/g/v2/ 		276 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
594a2d0001537344531d1eef2fbf967a3dcb3f8dcbcc1184f0d35b46ac83be10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
css2
fonts.googleapis.com/ Frame 802A 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 17:43:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:47 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 802A 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 01:08:26 GMT
x-content-type-options
nosniff
age
232641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Oct 2024 01:08:26 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 802A 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 23:08:01 GMT
x-content-type-options
nosniff
age
239866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Oct 2024 23:08:01 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 802A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 05:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
44304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6575
x-xss-protection
0
server
cafe
etag
17858602555770451360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 28 Oct 2023 05:27:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 802A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
67958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8568
x-xss-protection
0
server
cafe
etag
3657364187347500438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:53:09 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame B2F2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame B2F2 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 21:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4599
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 21:02:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 21:18:49 GMT
css
fonts.googleapis.com/ Frame B2F2 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 16:59:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B2F2 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame B2F2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B2F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
21911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 28 Oct 2023 11:40:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B2F2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2F2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:47 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame B2F2 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 21:02:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 21:16:14 GMT
css
fonts.googleapis.com/ Frame 6AC1 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 16:57:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 17:45:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 6AC1 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 6AC1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 6AC1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
21911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 28 Oct 2023 11:40:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 6AC1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
69030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:35:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AC1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:47 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 6AC1 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 21:02:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 21:16:14 GMT
hls.min.js
cdn.ex.co/player/hls/1.4.10/ 		366 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
75fb3e2fec5d57e634dd2a97afd2bb7139c6cb0f1f56f9f57ce2c797e671364f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
110852
last-modified
Wed, 11 Oct 2023 09:05:36 GMT
server
AmazonS3
etag
"11f9c70968e9fe9fe95f45eabcd09af5"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=eHYtOnZKRUpRX0JhZShMUOW15f5Fw8TFTivtqa9_2Rjyo-L4UU9wH02fpG1bE10cYOUtfRKVqUmUs2ggGgOXLUi7gVET0hZ6x7zu4_N-G0yNhfDd7uwmz3MzCccP6slgohGq4s_HpZlV0sbePTVOWPs4qmC-ILyx24ofWbmNp1JrzeRWM9RnB-stqb4gEkOvKZhtxHpsYWMk03kYhbXbeMa01h28aiMQyl1wGjFfWCmvxjkGtVX5zz6vyNHedznZFEtyYkrWwSeC3fczbxsyxhol4dtfqEnrj6saG_0cs-1yPtgGADeICaj35BkO0TmUnBETnN06ogFInt0McqZiZnOOtwo-asR29UphEL1wFODsVhMozOoXrjnEGDfOGJ8nLMv6EnuK-lCTxdXMhi-vAwuNlPylLpdzMTvFiIqljX4EM9PBV38GNwm2pUm8sNEfrHFU8VN5Pv_nPdn4LtaR--wqqzxs1jMIOLjTzYv_y7N6fjeZfQ-SFai3xW1S3CYrm4DJFpIj3tyc4z9NUNfaMYq8zrfJMfUsOpw_-Ma_SMJKmL0_xL1S0jbsR46EBIDs3SAT9AFANviOCsnJj0B92udLlwFZfJ34rpJnOn9ik7RfVqLkoAZytwPaJLcBLekTB03-g3yxh0v52YWntkE2S8W2lAWnRw6A8DqA3nwR3Lb2ZlK5tvn5JZBnCPcidODeSOKJAoPvU6aPQKdX66BxlGYke4ZABG0fzk7xwyrp3DxEBSIGOCsLHedoN7_W5keH0Csy0Yfhm1l0xo-XiUx7l6vu8lRKi2pL8hkgx125iDtDxCYE2J27ilmVCY-QX-oOpUmWCJ5ZKEsqajy2zFZn9hWZQR9xR6zfZOePdinfKFoJJzWXmTzafECI9s6d2LZh5Z7iGqpGGhRb55oTs0i2MA_1K9ZkngPFXczEQHKmHlEwv65365WCPGsm55ZOeBCUwHiC4ypaxfzJg1xyed1ENBdB3E-ZuffvlZZdk3pNb51IpRfG_jsvSMNKJiZfVQqo2z1hb_cVv-nVKBQKiIj2uZuL4mJEyqaBjY3HF-890qxZW-ESltODV8n00ekY_WdvkK96-WxgqxUu6fH_asoLTTggO6UpUltMwpugNw7GS1Ct9bjCyVugbeHkYw7td-xXB38h7xGKlQo7rCmmeSXYx5lhoS-L8hQVidYAAAOMI_RtwEspPCFXTjjPekEtU4qKPuSSQ07cQAPx1oEnHbXbzquWJ86RteV3gx4Wt-2LLGlG77QboEen813mwTcNbGV8gP1Tyx7NNggoRgNYsgz6pgRRNdeHZU0Wn8MvRGbHI5UFB-qEG0H5OGB4pFjitTqP1AqgQ_5Q5KiVr8H3HzM5OhGd59oBNaf4PeGGV76RoNegaybx9Wr9KbKeQ5OfunfWUlXcPepQa385ELVX5Od7ssxC9JragXMK3quDHfyE-EwzO1jjxS1J4NTZ8UiVUaXffnD-dDP3hfp5Y3mRlj0TaQgj3kp4DHC12UHlTu_08wU2ePyE2MCNYkipqPi4W7JvPd8K5Rzc2t5R5OhaFIh11fhKNsiVSErUSOxVkwZNnjCwVQWm8sCo6UOZLpQdN1ePs5UhMgc9D-LMxdPxg1Uf6GVSnv6EpHZ2klWzZtuQY6UsY70V8mmV9oG8o4q9SDv9xPSwgbiSV6iNuNX5rC0KhCKb7eJBGkT5eXZcnUTLuRM5IYdJ73-4LfCDnnFeW9s57jxquW-DMmiz2hZpbUiukDphveJNpf-R_qpuHGlaVvLzMOe3tuWxXeTFjKS_KOH1kQ4y1zyb-KbECKhZMhmtI8dFGQX6KWaW4ndXW9lFbkOiDUXR8mSHOM2bLtcnJCNnzajBFrPt5_y47GqCZTM7IeQX3iz9GRv5pV9nhiQxsYKSJGMF83oMZM0oJ3Uey9C0nGQ_z3Ivx40UbFchmbN5HAK1FSMB1nbKHB-ymgQ9DQZvddgjeRHw62BefcZ2J0BQ_Gdcmzv0Evr2YcJurlX_njhQdkpJ9ipEtGuS7Pp3XDgKYolyWmRW7DB0Tb401I52WP0XNui40DPOVRwg3vNPZ2fToAOeOeNQjR6CzMSdYT5Eg2ZGu1I3sB5bWeydvo1XYrWjOOJit42O8trnWEUBNN4AFA83sxEH_xjEKsHqsmo3p5_TvoGvMUw7MOt4eXvFodQQko83oLrLJRjgead-C6UOLIcxZ7WI91XzwH60EeRA1ctKz3Ugbz90__fLcfI-5hs9mUcwF4OOW-v_CcjFyWTQlXwyHwrxFFRit1GFJjVXGekSyT9AW0RQakQ2kusIdG6BINtD-MO0YgxT_hJflv2jHDoxokXwxk5nq8prOqiKKoaBC1jXBBXiYV4AgyD_rKxGZoR2prs_iOJ7KhUXCwoExDMMyHh8NsUgJpLOjtFganGNMvB6eHH2yUYZCRB4x-ftDRCBUK7RcxqEhEdVR3FWjE9GBFbYnNczTJKBgngC4WFOtQzCU6EyDDJDGxFIVTLQVY0Yf58CBBBSapL84vETKw-b8W2tmUqX5WxHO1Dl_InmQwOE1_cY59UEUhLUDoLijIex3Zcse5LUHz0UFGzliQAvT7amNgShdujgKL8BxwAOLUGntoih3oyH6SL2&ap_size=2624&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=OGQ6bWdlejYzSFg6Q31-d7yXzEwGSF9EKnXNcdt7N0VgVS27-c0yASSoRmJpKkkX0Vn1z96TRy-4_kCevn5Dy8bMrnvkqo7gds5DpOayrC9y7XEPF3ZuBVCbO4XazZqUTbdj_ueyS26wgu-1dEJ3ZguZR3EF7S12GK5_tYhGCOZfuuuBH8ar37MyJu-jHz91MocGtYZWu6S7eUtJ56Up5YbsjVd52WS2x3UUczjZzN7r1HvY2M6L3SyF99Zuis4tq13rpN9hZRDeTAfoYLRcyriUIcycN-e4iRKaG2oBX98TZt71qdrebMr6xWJYtxYAwH21BVYoZTWFHHBrljU6GMkfR-1Cr3DeJfg8jR4Tb3zB_vRZt3mAsMgLKwej8rrBzdC4vLTvAp9VS_epGTzSXNNbLd_n2LOvBD0pU48Ub4TuhSzNEFP2p8QaSdJX2oxtgTN0pEk0yIppqLM9Gp4zd2ihpox1ErsnfBhSXdvw3jn-6lebkU5a3yFY3_ZomcFm9aohIrWaXx6VRmmNNkUoLBMIq0oSTMM-ankOOAFNok6XI2NUQx7g5aagOr_irMnsNNWoQsT_2CQDS80OhonUjwqjBgs04bh7Rl49Zgz0GAMvj4swFkfugMiP4mQTg__g7fR-Krvi4bEpNbExIlC804cDAiM_FjZdS2qVlKiHiGke6QnshsJTLlOEmYiZLtCLaUUWxZMiqDWgKUkpbo8TxJMu6vRiZFPuQd_LuNstJUZbk6ZuS4yRQt9hrTjQrR7HuC5u9ULP-q17W7sfHW_BNZ1BRGMCQRS5Fl5gBW8KD3IAUnXchjgUUGvT-jxXJg7TbJEp4HMiItRfS-Ldfiy7XmmqnO_fYaWbeMCDBDMx7gOJmVLSs647aJu-wF7L47zFt-w_DsJiZbTY8LVT3F69m-mZB1yjE-xUvYVT7xSjo5YWpmeiNce30zB2P9cQPu7dudzFmcJuw76chRS_QTxeM30P-ojVg-Th34occFCuCzGTgTi7_X1j1x-iJZTVBaKT4bHEvxdt2UostzJ35PGhGe6zbW91Fm_1aOKiY7G151KdzQ1bo28Vn6fBmrzLoACUSmDmPXH0SP8e-H67JX4JT77hnCtM0kj2pI-KGFiATA5vE0m3hR-QhIB_J1AtqycoRtEDOOsRqcV-FhYPx_M2-oPllV0F87lnyt-xPcdLvQfYIBM1pHMn69hAV0omjLb4lJqPq5p3NhqEG8Qk6f6nwr03BgXwCqelPZFry-8n0Dkr-jn79pVKAGJuuBgCDrm4hJ3yqeVhCo_UXIQK-3IJjEJZiYVbj5XbAVfVXuEEKAZh21PYVehVLHIEsKPRpPh5b3bgg1kcaPVPE7vsfVNG-cOdVkpF1reRTBjiR1Iazlk3RQHVr6GSEXygCyzAko3TtJu_Al22IFUTOdCcN082hLD9qSPlwrUjL3njerU9y7_DCJfL2a7EDoUz2wD1TIqL1jPx66C17-_vY9w5yycdxCSbC4IpFJTfyo50jlgl4CfnS8zkaXZS_REJ702MMeFiEo_bOaepusZubLA6QGcnHwJmp1CyVIUiXZS2f4U5VmdSZRaK7TyxSv6XsdVXhGeWSV0W3N8QMmTXAtv9aM5ABt5eGK3rede8om1_k8S3REWhRaHNniaCuvWFPHOc1rVGiBDdMSfaqjuMfhsuPRGm74B9pnVaS-VS_w-FZnCTx0mi4ZG2NRjFUPU5hwUElsHcdMRM4uP-zRaNwL5auQLUROwJmaVFFoFm7Ac115cLlQ2fpp9dSe_ggiPpjjyjvTz85luLxa1cmPhhgE9ThzVaCE-nMWNlRAbC0ol1SSXOvkN1Ic3nfibuSRbmPmiRmod6Eo_mPAfq2ePqenjR0lNIAuyR0qUl6RvtixfRXF89QvrV6cYQbpybx43q6Drs80SKPfIVHyqCvFo_BZPNzK4uC8Dlxn3WBSJbUucqbJapyMSQoO4U7d336FS6bViw8WNtIWIRKFm05MF24KqDD7B-Iru90dqWRLWeBXEqmlPsJW4jCJ0ZHSlxZAY2vRNPk0kt_Sgj4Z_CPnqtwjT4irx3ZinprF9nfJu9MlZh6z1EG_zDnCOHzmp3kdPKieFgiZzZKwha5Ochl_QRhV6tai6aRHtCzPZ17pDS0QPAUbTqkZwd9aR4NLdX4j1akQY-M8roBqstZ1AzH9yPJP8lvrWQGhlL8vHWVtuMFvVfaqhz_yKntjlhyzP4FeDeKwka4bftTY6Yao23wzS6JB6D5fAXR8ctuiTr4FuiNIsb4_Oyxuc30Af9fHkau13DxjXf_ZS3MT06PwMrG93BmN2XQHsioe083PhBIYUSwifyEZSLlzkxLj_KCc8gOqQMHWq4IZHaYCgOKrA6jDSpAaLkmmQUaOZRI9bM5meGIp4wAnBVhgwf4qGyGaacJpdFw7flEzz2RNYsqnqxb91tbCNHjchJ3Pm6qMf6Ulf23gYKUJXWn_JRitj2JOyveAItzBtTahSEvwrUl7CtTmqizHKLcUMMSrDyiPSJpI8gP3LauNXbt6hDUbe-GwPQG530ZF746lYbRUc1v9qBIN8NTKb2TvHWqWEmbsWs2OYPLqUstOMCYgzT9TM_QQ5q2pFmB5N7yHTiwzDMFmBxRxbz75MHjZQfXUOGSHc_urbZfjSf1fc2GqQ%7E&ap_size=2668&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=bnk6dyA3dlNNRj9TMX5NLsqADV0QYIGTA4TQZ3vtclPA8mHEVM16wQZeeo6w_Y22x15uRsGRwi7baphwpDPU67iAUWZ2UjLdCNiMIEMBzLvDFDwrEqRLZjyQ1uCLK9vJH-SW5TFsOOLUg90Okyj688sxwlpfBd-kiiCjZdatiNVxLvj0Wx5vHrwiCrU_cSTPjIC8lxXlaNG_sSWRde8KhiFzQfLDXif9Auppb30v0vIkyr0gKzeQIVmHgImUSRaV9Zzo4lvnQZ2x8cUUMP30xVxUKbNaitz8a5KndC52xpYL7WZYP-VvUl6BSlf0xUN5CgF1NU0xe5n2sD5BOY6SxWUKCRa93VjpoyhCgVXP4sODdA49Xl-NmovaO0mhxQs0KFF0z2K8Ia6SUY31N39DU6s-jUZ8vFVIULUGpjoQaBzFjF_-1Uvfx14oZOaH4PB09-vWLS7_a80f1O-TTQuCR667Pua0r378CXSmKTAr0UD965bZ8oyWknDRBGKKY2T4M4-f0ofIMCeySuuN6ow0yV96Xtj2X-3x8p_AR1_p0eZ-dy3hxZfcPZY1ZnT4uykoopAxEThJfiZMTGvDECq4UUeN4STUsc8Dgil2R7jV4H9nun1lUF3BuJiILiHAfTctre4jK60D4mykmNzTTaMjgf45y8dsqTEn7UQXr2gIShU-6n7d5VU4sCTWMRj-y_GRRUCUJtOK0ODPH8itluZo0ZyGvTuWCE7O6dEPaJwbnNrIOOFNUtSmzCZ9eOfkbeZMhlW1vc965ioIIIkfoff54DqUjtSdpYBIMrue4ABxoV-OE-UIfSKO6S1-mRFUFZuabyJhAEw45stppt5rDo99uc_d3LZ8CZWsbWJmMkEh6FGdsMyuZjmqgfHixNtQfDjvJCrLYv6nitPQUf9cbjDV2Uf3cf5-CADLdbRCWfHBcgR0Aq8Ercre6Bo1goo8bbOqpmdDKVPr7lqWlJ8GwEExxzJlcUmzAniqlFaIaHs6491LVCQpvBEpF-1y1kGzukoPV3WPXml3I4YeLzxMwBnGGpMaUjVOGxyTt5Cxu7MHIcfWGqHoEQ046SmPzbNOOIHRz0aGjjEv9dFPBMSw2XanXj_MYfGJjkFOaonO-QoKC-q4h-1emgv6hvtotv9HYnIxJ9Eo5KThuZ-ZzqOks_FApQn3qfK0oNkQp-dAWUHtiBNLMWEuKdI3RKSiOKAJX3AwhLS9v4_tpCS92KIlPcy2JjVXjm88aHGVeV-LM-kD98OC_TUujwbGuAWmKkMzYlmqzRTch5TRecwb2c78mbTOtZmtiNt2D32XY_tu3OTVj6LHobMqDAJLDt3HctVrS655rOWrFLWJxJlnVahK9_QLzNZK6o3XuKpyLU7qDLNUDTawAda9zswydspYxBtUTioZCDCTrX2mqSCbmFvAci4_jORw03wSJ4p-6Cp6GMzq0d3De1C5xi-kViIUwPjjqp3oBvP3msoou9iv8aiystHDAPgYNE_9xvV6ahMhnV-OVLVuKQMdFKk63oOeffSDtLG5wQftXm5aa3RpyFpjv55uVPJt9jYQl3sVyLg9fLlWlSJ2Ocxhi_Jgyp1Xnqdgp3uxvGcBnjWXwoaw0CLNXOPQ1DpyUR4zUqUAwKS981JJ5OU8UbpNJtvTb9qDv4An_wQKcgOahD0YCtUCPRXI83vp28YdgiOm3J1biK8Zy7cpYCq4K1QasMqI28ufAJZ1hAz-JfxI-Amn3vE1EEAPF8euQishBtGTyjf-jnyV2SHS5cXfkOOuAJMg_pMAZqba0DZc_hq4mJZoT-kr9apM8TtPr6DtjuFKIrkTFNNT5cBa6MzaNhTUFJzVBHI6rvPUvm_YADH__k_m3tl0kxXLBx3MacY1zv9lYq3koPAbZGhVv6-sItYmF3-RiVjppVky74HsjHkO5Ndwj9udxKZQAh4udjyvU1qdnzt72KT_NRn0M2IUtQi-v_XJnh085YcP4vN6ovAJ7MQuLJabPR-1d330CjG31SQnqKCHYLd0T5thjADr3EXvVLbmsuBYNXNnOnMt5ZengcXepoYTK8x60wdBEPtOv7YzUdnb1i2oJ9VviIiivhc7--8onWkHnvyx6nfsyOyqRWoUegB-3f8OaKESxGEWTiYbVM1Nypw1Kyp0iFQ8QsdI4UawRg8gw1bEWUESwDMlr29xz4liknN3Uhd0CYmHPY7RnG0Yet6JaU4gbOjjxpf7McDpi9B5KIME8g9OGjYnjGoQ-dcCSQ9YFvQ2-G5ycmvB1dUZpYirdjz7IY8b9IxKTgLsGeaAyR6dQDYBSAdz2_pBDEkkpnt-6HcuMgiaC9uQhRPS4g7Za8ZuBqVHgnHwhUEayZAfv2dpqbiZvVvtBzVFRxf0-86DRAoyoxiCP8ixbrYqF1tiWJ-sruY6T8CRl1BwJN1MVYLA_6T2ICg5zozxy5w6V6w6qHaQEIVSJJ-ONWKgNTPUrKw6kjXWjK5Dw4C_-ZreyA8P8GIeXYkf9IBGxh8_zgF8esTVwfgRS8LhALcx-fOuGGktVLBFEkECGVdbqKDx38LIHr4arz1RXD7xd_0ActizWxSDpOnaobNaHupdNRWZwlrFpIHQZxi4sJLFHvjgmySMnSGtr7P0i2Pe0lPavFkaz0i5EMRAlXqkmb3AYeCcCA2Bfac%7E&ap_size=2668&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=b31TRHU2MTVRQGVLP2NDdDbCn0PPWe43QF-EXFzTAFhl5nrTLrgiz7miLfwGXNqq79ahRJt2ck9aSiQsyZLHa5rg7FdkUiodiOsdi8kjlaALimiVEwhesKJBgaFjQDQLCQ8IiRsi84148nBdJ57SVfGd7nrTP7707VcA9tIQmXz2lW_YqAqkxIWv3-fo-or5ACQJbSF_hay_BridpjVQtok0jkwe_FUcWBxC6wHsPLKz8mMeLN8wRipX2DFV8vmM83FlXnbcVErtdQfQSPilrBJXn4X5HEe5S3jq_m_hWSQOiv-vcqWcvM_yQHxsip3TRznXh2ITen8nz6iSrQ5XzB3TAqsI_uNlIm4-jKe-Dlqt45_J67xXDRhr9jxIxvb_cdvWeX_Wfjo1agZHQnFSX_j0Rd8zjaxYo9LEJOVZJIN0O_8NOhFnPG1fEdmfo_UXhD255bZXwoswQ169o5piQUjJflswJhOZw3eHDog4rGMdvb12_kHx5OpW8kb7tiImsIm0rqNLeTOtQpcRWyhqUv2LxFl06LrgTjH5SWeHHsmjvPrz9p-RgWs51XrGsPsIu4YIu804V_7IDwdzatN-Axx2AJoDBKgtM9anxjyUcoch69dFA3BPqlM4SWJqpf67662y2WFW-u2osydzO7v0225Q5-u-F2HvMuUejXIEjFOD6gDlpaqaq32A0nRK4gXSuoaVi-jaryJf__l3B_96LDOKZIvLsbaVqJZG_oftQjnScCdzeyt19LaUwDRQIRhO9uucQL8-j_t_9DI-OWiKyPQrmlu0zBO86zvGToVcCr_0MaxvYWAJXjRTnH9rFtU93oqqV1Tc39SrvFGUdpwKCCvySGCmU2MOxx2NBCkjb33vENJABjCvLoTjrVqWUAPRPEgMHBMVJZgEhXwEkR14bjbBrh1rzCjZJWnjbyoLMRkc1Jallh3NBM0wpRGNZp6KTEq8pd0SGn_O_gRDFRRteCoVZFHMbJ36CaIzNrGQKUW2IcFywSGRC1-c4btFbTo-qEKriilCRhwA9Voos7QVcmB2Peu00UztPxbM2KLuby4T2122fmvj41kRWx1QKcD83VIP90vr_PT5mHMU_hJ__TFHHUP3rAFxIgyqwVlVr9LM0tQwsBYOZr_-4RCL_zln3OSIo8SDm1W7fKWGbjCQ-cq4caxcJvASrbrSGdp8GfFdbDvGH5aXmtGoI-wtyR49pXCh9Rshh0zfreDfwhfSzkEfRAYe3tAIpOjWli0XnbNOcuYHgETAOeZRldIpM_O03eLxq9vF8OkaoYEHkIWiYRniPspEqTvGm3pkoQtzAn5GbzI289zgic5on_lpkEHLPJF8e2Y3zdkAjg9MMJsKpOCk2YD01Iy1Xl0x4m-hHxPQfXQj6FH2SF5GlLML4_EBjTly4FtWrcmgsHt5374q61DcjQlS-hQDVJk-HmacH8JZdlOdhR2aobO6wLqHAYHwHYBMlJyJJR4hFBMH1TXXEMyOCMP7PmIRQO09KvT2ekz7eOr4F4BfIVlaFBoWryTeO238HUk2r2gN4HRn6E31djM0mjE_T4ZS2m0NfT7GJ-6XmrcBuVubjH6VQm5ukSTbFc06dJPk73CgRiRYNbwDZ0vdDZ64hv_S0GN_Mgru0ybh8azSs_uRXU75uhLERUZq9tFN1P2LxOoP-9keF-RLqjLhxUl9f7pXCKUGC5a9R-sPH1KxN5MLEuGUPu2U-HVCHONFdpHuzOCiDm62wqySxG_5xc3TwDVTibDpfJsPEd57zHvKYuxDUkb_gfQJXR7NbcYJI3ki-ik-wJ1qxmwiz4QbduaDtjUXFTU9Ggs13XEEiKi0XLHph0NVyNOSgCl-RdnYQy5LO1kKajpU1GPWpC8nVJ5VK_wavv3oaENkjsIS-re7EjUXvRQ2z8OYAOTVG8d7So6QumutEJtoFZQHjAPkLz-3w7yYoV_DXoj1Bt3fLche-hCxzlpLSINTeGHtve-sIEwJpFRUiY4DfJp4qdZxnaMqkXdAMNhOxPjzY8DRWj6NUGQOD1Eyv4Aioz-OVSt_7CV1mpvR1jg_MdvBcnMkpYm3B9lNMRS4HHiQMeL-v7dQO5nlrLGzPe0AV8U2Ejkfm0R_u6iElsFbi2HavrZjll5JcQAkX2m57J62xezMR7jdvbME-MF4c9suny2C1J42y1xJ7iNVE_qMcsB7fMFYTX9kPg8SGchQMZiM-1Psmmj-vtPEaWsbUUOLY5TtxOxx-3iaLrfZT7qhvWTk5fxDM7VNs-EaavZz_TXLm7-fb1pM3zgyfxt0B3RSmeyXQ32F2JK6wf_nihYFp_2H512UDvobc4XMSDxip5N7ZWkyclJw9kJrUu0JVGaFMYxwkJDRQKYRALA13RloVCl7aPRWHwj4qyVV_5slf-P43VwlHDy1F_z9paQBq2LOIusez4xf9raNBWgZsv6TRot-xe2Teiq_i7LFyXkodsL-M6R4OamUDbmEGIIZA_Vrp-swQQTJZTZeIeHG62__czEBA65TfAD-sq2ZFQP84wmMWPDK-tNyUv6XcPEIWqxwV_Zcuokx9_MpKNRMGSjrUwHa7I6bf7zKir-LgGwyd9_cBB91_Robf83bU0DSThEFqwctMjxK71m7YqHtbJdSorb_LJ0ovbBNIU6yOqPWuGZyst8%7E&ap_size=2668&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.159 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
expb.js
cdn.ex.co/prebid/production/release/1.7.0/latest/ Frame 2793 		541 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a03a9427932cfe62b173c84a6d54a73d22de419cbaed9f931039a0e6e22680b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:47 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
183350
last-modified
Tue, 03 Oct 2023 11:33:51 GMT
server
AmazonS3
etag
"b89750c769fe8f8751319df0a2628997"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 905C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B2F2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b38571c0d56331f055c5ae512fa13ee544dd6e45ecbd2cabd121fed90755f8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
86f04710697327eec94b61b3bf14773f3f89193af7b68dbb4afe3eca8947c48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1128
X-Served-By
cache-iad-kjyo7100037-IAD
Last-Modified
Sun, 30 May 2021 02:19:47 GMT
Server
cloudinary
X-Timer
S1688424694.768841,VS0,VE82
ETag
"82c74f3bd839ef4d3a99d0c9e56f8cf5"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22676735
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame 36C0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: braincandy.net
URL: http://braincandy.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
244101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 21:57:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B2F2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcI5RytMqZcWoAZOKZ9WfvtANhYDexXPSyNfImRKGzv-VhBsQASDEhfIcYJWCgIC8B6AB7Y2IjgPIAQGpAt71OhnkobE-qAMByAPLBKoE8QFP0M690Dcuo6o896aAhxU_ppFRLOJG20RBllo...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222358626952675603759%22,%22debug_reporting%22:true,%22destination%22:%22https://b12ankermann.de%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222358626952675603759%22,%22debug_reporting%22:true,%22destination%22:%22https://b12ankermann.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22834799341%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216057056697939535041%22}&andc=true
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"2358626952675603759","debug_reporting":true,"destination":"https://b12ankermann.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["834799341"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"16057056697939535041"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 14 Oct 2023 17:45:48 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 14 Oct 2023 17:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2358626952675603759","debug_reporting":true,"destination":"https://b12ankermann.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["834799341"],"4":["10-14"],"6":["true"]},"priority":"500","source_event_id":"16057056697939535041"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 905C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:48 GMT
expires
Sat, 14 Oct 2023 17:45:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
pagead2.googlesyndication.com/bg/ Frame 9114 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
244102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 21:57:26 GMT
42094
idx.liadm.com/idex/unknown/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/42094?duid=caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01lm.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
63b83ebb305e46d0
vary
Origin
request-time
2
playbuzz-ads-module.min.js
static.ex.co/cdn/content/monetization/playbuzz-ads-module/production/latest/ Frame DB14 		135 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/cdn/content/monetization/playbuzz-ads-module/production/latest/playbuzz-ads-module.min.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e0251f08e22056539cac886be78fd3aedf6d08584ac4a1aaec760018c399fdf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
32598
last-modified
Wed, 30 Aug 2023 09:08:46 GMT
server
AmazonS3
etag
"4239e68583dafce75f43a81a7bf4656e"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 17:45:48 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222358626952675603759%22,%22debug_reporting%22:true,%22destination%22:%22https://b12ankermann.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22834799341%22],%224%22:[%2210-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216057056697939535041%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 17:45:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1578401826/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
71520f54930c384684a5488ebb69caad29c76d23cda084a6c22692a14d4c6f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1787
X-Served-By
cache-iad-kjyo7100037-IAD
Last-Modified
Sun, 30 May 2021 02:19:06 GMT
Server
cloudinary
X-Timer
S1688424694.984297,VS0,VE2
ETag
"11dbe22960e2de2d83e57c9243f97d95"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22676668
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
activeview
pagead2.googlesyndication.com/pcs/ Frame B503 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssevdmBm1_P0oZL__D1J4X9kuFTZfO6yXcKoITKKvh1CeVOcBxyZhJ7MqXPYAt_hcvlQyST7DzlYoyUhVPysY4UoWNlgx1boLke3LKBG2Vs1b9wB4yqn_kVdOhdYSRZY5v6EiYn7YFMIglL&sai=AMfl-YQ67wZUDHSoz4jyg_QTl9JboyyOuGC1TAT1V9brV5cvo5wwYFB68gndz5UxRF6cRk0dodEDWr1a1CFRomW5ApXPcPeSHLUyDpLsUpJfuzIoSg2QlHfvlty-3Z2gIwiLuKA4nG6DynZIY30g_Q&sig=Cg0ArKJSzMzejOhK3Z4tEAE&cid=CAQSTADICaaNr7RFRSEmmLnnjYiQZpxcspjwIBWr2A7DlLbX7qfqbvdtPO9aBVonrYVe_I2CXKO3UPILyavjaGR5jRAOfa6b2C08LoqPJFwYAQ&id=ampim&o=1038,377&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1041&mtos=0,0,1041,1041,1041&tos=0,0,1041,0,0&tfs=320&tls=1361&g=100&h=100&tt=1361&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BD69 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTo16kESkHhGD1emBbfUZuIodvzQMFzKNbuP0qpKfYMCenB0TTqMyrtjbm1mMiIbQX2KUALSDHZ1YGNPfayDHmLOZA-_LT5q4lcQ3JLvbPRDUZelwCNDVAWoqAThmGasVOO-0HF6WxNrpe&sai=AMfl-YTEkZsIlx_F6w8O6wZpYzWSov__M1kyYQhLXgfGYr1OliWsZcABMNNusg0vzrP92zhHiY1iheivACa1c1qdeMvj9k7rcHyeB0Yo9rtxVRbFTrr3foD6N_nHa5lm7uK277LPAvl3eFURQKgZWw&sig=Cg0ArKJSzAd09rQBqChlEAE&cid=CAQSTADICaaNoh5MjF3YoBgPloBXeA6KkwXq-ldb_0Fj8Q5B9zsXFrqaEhKmduajnhRERbjuDll2NJBA14fj05Mbv-Um3H2IOC3KL0jAzhgYAQ&id=ampim&o=256,315&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1018&mtos=0,0,1018,1018,1018&tos=0,0,1018,0,0&tfs=250&tls=1268&g=100&h=100&tt=1268&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DB14 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-module/production/latest/playbuzz-ads-module.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65d7642529b80309658a078c45c7eaedfcabb2908875d8c4f0e8a4019cd557e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29651
x-xss-protection
0
server
cafe
etag
797 / 19644 / 31078750 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:45:48 GMT
sdk.js
mcd-sdk.playbuzz.com/embed/ Frame DB14 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-module/production/latest/playbuzz-ads-module.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df478d5accf4ef12cb7440bcb562fa5b89dd9f8efe45fd2e6b42674a0fa8c3c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 17:45:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, HIT
content-length
16807
x-served-by
cache-iad-kiad7000086-IAD, cache-fra-eddf8230055-FRA
server
nginx
x-timer
S1697305548.165118,VS0,VE129
etag
W/"b694-X01MEK7W2SOcqJBpc9evrufwERQ"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1578401826/ 		97 KB
98 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1dd838ebd3174f3cd09e80284d620fe217debc3ef385362efa7d653521e05434

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-99639

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,201691703795562271966273117828695354966,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-99639/1757612
Connection
keep-alive
Content-Length
99640
X-Served-By
cache-iad-kiad7000068-IAD
Last-Modified
Wed, 26 May 2021 14:19:36 GMT
Server
cloudinary
X-Timer
S1687248422.113103,VS0,VE1
ETag
"70b3bcf11dd886a8983da65876fa3661"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=21500470
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:48 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/ Frame DB14 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 21:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72540
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134705
x-xss-protection
0
server
cafe
etag
4581834702576728701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 12 Oct 2024 21:36:48 GMT
adwords.js
stream.playbuzz.com/ Frame DB14 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.playbuzz.com/adwords.js
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
aniview.js
player.aniview.com/script/6.1/ Frame DB14 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fda6d31bf9df409dd091a643f742ca0e2f42e39aff9106003473239a284ef526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduHZtV-yHJRoczlXvzhoH3xGyYBp8_pd7kuh7LaTW23-9tRzf7kqpXq-62em73Sjwm03fOfyn6_QRBJ4-bUBPpOPyc3_nDh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13528
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"4489c739a1e3958ee9917fe3ad627ab3"
vary
Accept-Encoding
x-goog-generation
1696925601072097
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=fC4E6w==, md5=RInHOaHjlY7pkX/jrWJ6sw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13528
accept-ranges
bytes
expires
Sat, 14 Oct 2023 17:55:48 GMT
events
prd-collector-anon.playbuzz.com/main/ Frame DB14 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.playbuzz.com/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.244.88 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-244-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:48 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
track1.aniview.com/ Frame DB14 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=56ea678d181f46c76f8b45fb&cid=5ab2567228a061767a0764c0&e=playerLoaded&cb=1697305548320
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.14.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-14-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DB14 		645 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=424305200849678&correlator=1413647563621026&eid=31078530%2C31078750%2C31078787%2C31078789&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&iu_parts=94166617%2CNetwork_Desktop_CT_inquestion_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dbc75b8bca6d07f20%3AT%3D1697305545%3ART%3D1697305545%3AS%3DALNI_MbNfOUNGFn0FHaLOmBXw_6eO4aHUQ&gpic=UID%3D00000cba804d841a%3AT%3D1697305545%3ART%3D1697305545%3AS%3DALNI_MZps8ULZV7rsGXRAjyKQcQKt17vmw&abxe=1&dt=1697305548394&lmt=1697298348&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&isw=762&ish=655&scr_x=0&scr_y=0&btvi=-1&ucis=n3htmj4gh1vd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=2&url=https%3A%2F%2Fbraincandy.net%2FplayNew.asp%3Fid%3Df7022538-b5b5-46a7-9f85-31cabc8d83a8%26ia%3Dnancyg15%2Fslinky-and-rex-are-from-which-pixar-movie-%26m%3D%26c%3D7D3119&ref=https%3A%2F%2Fbraincandy.net%2FplayNew.asp%3Fid%3Df7022538-b5b5-46a7-9f85-31cabc8d83a8%26ia%3Dnancyg15%2Fslinky-and-rex-are-from-which-pixar-movie-%26m%3D%26c%3D7D3119&top=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&vis=1&psz=0x-1&msz=0x-1&fws=388&ohw=640&ga_vid=1891901609.1697305546&ga_sid=1697305548&ga_hid=1710484684&ga_fc=true&dlt=1697305546982&idt=1394&prev_scp=placement%3DDFP-Desktop%26publisher_name%3Dbraincandy.net%26adx%3Dapproved%26id_hour_domain%3Df7022538b5b546a79f8531cabc8d8317Story_De%26particle_above%3DN%252FA%26particle_below%3DN%252FA%26domain_storyversion%3Dbraincandy.net_playbuzz-ads%26img_violence_rate%3DUNLIKELY%26image_adult_rating%3DPOSSIBLE&cust_params=path-name%3D%252FplayNew.asp&adks=554628295&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90a65acb8eab6f864489f9472c87fee1db5f3be04b4099dc4d1b015a2690df08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://braincandy.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DB14 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48b5f633527448f0fa407da7e38349f9b0de6e3533903d5afbaadba5df2fbeea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12222
x-xss-protection
0
container.html
cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2AA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:48 GMT
expires
Sun, 13 Oct 2024 17:45:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0bd8d5f67a59939fe7774bed8fd33f1dee7d93c2e16b74963b7badc5f70da8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1798
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Sun, 30 May 2021 02:19:11 GMT
Server
cloudinary
X-Timer
S1687819832.461739,VS0,VE1
ETag
"64f00fb1913c916ebe1fdaf7d8ccc047"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071905
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
comscore.streaming.6.1.0.170130.min.js
cdn.playbuzz.com/content/monetization/players/lib/ Frame DB14 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playbuzz.com/content/monetization/players/lib/comscore.streaming.6.1.0.170130.min.js
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.206.246 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-206-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eb0b2811eb15bdd0d977392aebd8a8125f23c8aa072eeb7255cce645f8228eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Sat, 21 Oct 2023 17:45:48 GMT
date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
content-length
18840
last-modified
Mon, 09 Sep 2019 13:17:52 GMT
server
AmazonS3
etag
"0c5ecf5eeb3840ca3fcaa29c6ca21143"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-meta-s3b-last-modified
20170130T120218Z
events
prd-collector-anon.playbuzz.com/main/ Frame DB14 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.playbuzz.com/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.244.88 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-244-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:48 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
AVmanager.js
player.aniview.com/script/6.1/ Frame 03B0 		449 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01d8c1ea393af41a8ad21a043de5cf3d4afd983e8694f42b6a30957b8ce7a0a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduAFOA8os1_j0tXp55Xe4yrSlV9VLIHibUZXALCGQ70Jv1qGafSMEROjD51uuYe_layIuGZMmxI3NYDd1lpINtEsBCpfhYe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130845
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"21d1d4f58c45967046afb85059342532"
vary
Accept-Encoding
x-goog-generation
1696925601074323
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=uYjxeg==, md5=IdHU9YxFlnBGr7hQWTQlMg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130845
accept-ranges
bytes
expires
Sat, 14 Oct 2023 17:55:48 GMT
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		206 KB
206 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e8d7a0e219ee46fd35b0c06716cb474e85d6ce786dd081427d5a9fbd41b316b7

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-210747

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-210747/3479128
Connection
keep-alive
Content-Length
210748
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DB14 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 14 Oct 2023 17:45:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0883 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 12:22:30 GMT
expires
Sun, 13 Oct 2024 12:22:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 83DB 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea8ee5cdadef18068feaa8ff375d2b9b21c5f1eedfd2842f766a5376eb36d084
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A4hR7dzgOgMwuALIBiW-Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A4hR7dzgOgMwuALIBiW-Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 14 Oct 2023 17:45:48 GMT
expires
Sat, 14 Oct 2023 17:45:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
prd-collector-anon.playbuzz.com/main/ Frame DB14 		0
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.playbuzz.com/main/events
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.244.88 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-244-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:48 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
/
go1.aniview.com/api/adserver/tag/ 		21 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_PLACEMENT=5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=5ab2567228a061767a0764c0&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=braincandy.net&AV_DADPOS=1&AV_GPID=/56ea678d181f46c76f8b45fb/5ab2567228a061767a0764c0/braincandy.net&d36=6.2.134&responsive=1&sver=4&avtoken=548613&omv=1.0.1&clsid=5af141e1-2b15-43fd-97e4-d8c0763f2266&rando=88&AV_WIDTH=0&AV_HEIGHT=0&AV_DNT=0&cb=1697305548615&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-243-137.compute-1.amazonaws.com
Software
/
Resource Hash
21b4063f18a1526154a47821e6a23880fd2a8da05b13c0d637aed496495b5094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://braincandy.net
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 03 Oct 2023 03:59:08 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=braincandy.net&sn=&ic=0&tgt=0&app=&wi=&he=&test=&d36=6.2.134&apppkg=&fv=1&proto=https&clsid=5af141e1-2b15-43fd-97e4-d8c0763f2266&rando=88&pid=56ea678d181f46c76f8b45fb&cid=5ab2567228a061767a0764c0&stagid=&stplid=&e=inventory&vi=95&cb=1697305548614
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.14.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-14-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
2b19ed90-bc72-4d01-8308-92c4ed61b71b
https://braincandy.net/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://braincandy.net/2b19ed90-bc72-4d01-8308-92c4ed61b71b
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ddf593f4a8eddcd3d638a211dd91a517bd07b43f8ea933695dfc161b8e2679f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
374903
Content-Type
text/javascript
events
prd-collector-platform.ex.co/main/ Frame DB14 		0
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.59.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-59-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:48 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 83DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310090101&jk=424305200849678&rc=
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 0883 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 10:56:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
24576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Oct 2024 10:56:12 GMT
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		178 KB
178 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bb48d8ef2dda7d331c491f42d487495a44fdc3b3ec517571ff8d4e5c58d28b85

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=210748-392731

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 210748-392731/3479128
Connection
keep-alive
Content-Length
181984
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Oct 2023 17:45:48 GMT
uffkczlwkdkjrz1mm9yj.png
img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1697064065/ Frame DB14 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1697064065/uffkczlwkdkjrz1mm9yj.png
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7b0b5b6cc8836d99c04643ad7e24eacee99f5d636c18dc3b90fb6296d707d2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:49 GMT
x-amz-meta-cld-surrogate-reporting
width=640,height=360,bytes=34718,owidth=949,oheight=633,obytes=1026286
x-amz-request-id
AYP0KJE98FEJ565Q
x-amz-meta-cld-transformation-id
6722675133246579449
x-amz-server-side-encryption
AES256
x-amz-meta-cld-version
1697064065
x-amz-meta-cld-surrogate-key
304062904687184348343768945595694180057 461140603397644067432555687153388599740
content-disposition
inline; filename="uffkczlwkdkjrz1mm9yj.webp"
content-length
34718
x-amz-id-2
roFAgopAGi1mIZsbgM8os9KWP1AW9ZSU2RqFrN6HC3gnSNwPeztp8bx3Bo7ksNWBP1kUf7NCFLQ=
last-modified
Sat, 14 Oct 2023 02:09:28 GMT
server
AmazonS3
etag
"9eb828042b846c18b0d145e941ae3174"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31517714
accept-ranges
bytes
expires
Sun, 13 Oct 2024 12:41:03 GMT
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a3459b962e84e3c220ee6d61d02f8e07c099bf45b5484b2217146ee0a73c2413

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=392732-750495

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 392732-750495/3479128
Connection
keep-alive
Content-Length
357764
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
generate_204
tpc.googlesyndication.com/ Frame 0883 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q7r5Fw
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		346 KB
347 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
347944ca0ebf6a036ea1fd84834fddce27c9b46d65d8f2e35ec2aa63861a4d17

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=750496-1104687

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 750496-1104687/3479128
Connection
keep-alive
Content-Length
354192
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Oct 2023 17:45:48 GMT
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		299 KB
300 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
2e152cb1fd3122d988230f1ac60d8e0bafb31be721698ff5e398648b7d659fa6

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=1104688-1410751

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1104688-1410751/3479128
Connection
keep-alive
Content-Length
306064
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		156 KB
157 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ff570ffbb5fb4f90d2e76e06cd61b6042258302890156d953b59942fc9599068

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=1410752-1570927

Response headers

Date
Sat, 14 Oct 2023 17:45:48 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1410752-1570927/3479128
Connection
keep-alive
Content-Length
160176
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071820
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
events
prd-collector-anon.playbuzz.com/main/ Frame DB14 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.playbuzz.com/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=d7c5dac8-06d6-4dfc-aa87-006948346a2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.244.88 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-244-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:49 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame B2F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0AzdBmw9Zx8bWHqARa9Pndp0fg7H_xoPcakDZS_9W6_SG57NlBXTJTAAuHvGWItSK5Oz8XDvcJAy12skuBkwjb_-f2jmsyTUef06RJCj3AM5XIZu08iakhrdIwmx71bH8fT7fd7ucuzQP&sai=AMfl-YTfYCumtMU42ei63YNnB4-0qeuALOID0AhruNY-hQcYx6l1yuTDhtx6gn8p4i4AEuEW4kWdHPn2CLV8bQCPJDAMOqVVI5G2q3bos84nDtAtmRpHONjMFE_ZkFyQwkIFF2K45t3Pv917ORFC_A&sig=Cg0ArKJSzI6pZ3-4zmTnEAE&cid=CAQSTADICaaNpFjLSBzLkgx0Rhsp2HNAnM0Xa9sJij8GMvFI7bBB9ObLFFSo__OEHORcULg1nBATqaa2fosDZmRQe0NUaef1Hb6pAFhz_l4YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=107,790,1000,1012,1012&tos=107,683,210,12,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697305547627&rpt=390&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6B68 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158554&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame DB14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310090101&jk=424305200849678&bg=!lpWlldrNAAbFpEfJ5aQ7ADQBe5WfOD4_sTWUCv12lRbeVCXBbU-7HRBYTjij8ECfljckVR8uNBYVxxppTYkrCUXR29oSAgAAAFFSAAAACWgBBwoABBhLKIqZAxuxF7sKIVeUDHG-WmFTwn4gsYATOHm0WAMVDd8lekY7hUHlZA9ZsfBT0hJZYcD3C-OS5n0VLozLDpb2l5nj_qqaWoki71pvaSCbGAfpK2vln4GNwJkIWJw_9QjVFxt_O5SaZbqthrgvVKmb_e18U6dyeSkmeoAmBSXoUjOMEsAUvvkRb-0wC6owqEF-D1A6F0Oq3EVgAyIy-bbmSuKRXdL70u-yh5ABgS0zgQRMFuJGqrdQagfwccPbpIkIvspGbBT14B9aXv7jWJmZja5xT6Ae4yxfx9Ee3auuJ9mf0pk4R_TuyQgHzXbkz3qO05w7RkUQxRTmURFPdVXd2iTMHviIZ7nAYu5Oge2_emj1g1gGmuoBzxLXK-fnfuhRWeENWFfupHB82-gz4VGWTnZrrzfU_cr664hMjhQy62ZclFw5QBhVSFahburgbFp-8-dR4YJSiZFBVvQAtqjYT0MirW9PZ4MD_kWHqj-UC6mA-0rOgoTKUJQErARqbPN358HP9AkqkERFjvfnAKFs3kFS-HnihHdf3LQ32HTdP9fEn5RD3fUQWce_q_turAmddSWaM9iuQO5PP-ZNsTKVGuH_evdXQtEPjmb-NzTOT15mRn2b-0M9JkB-E1kDIqFs0VzwBRr2je3Asy4K0m11x8y0QHUQRRzRqSekPGL89KOKyeQZAEgGCTdJQ-T2kJge8UEmJu5KohHbh02lRr-mWKzvzXa8ERuWyB5P0IYjABWMaGESG_M1XUSydKa1HFstEru2z6KI50HDmRaHY4jscbtfb3Wj4bMJzzh4B-uRlYURyJ47FvQd6XXYuMEtVKfYRPkZOz09t3jQelzS1EBBZ-DZhJcu-B8B2K87fCXYWzwIq1a8p-rIk6iBu1lAxEYRdc56GvUfMe8VR7NIHpXflTTVOJ6SkndO_f75EAinxrcjlMMFkVw80--0sINzcbIGABjCkhNk0KUn8WuGr472cW7NkhNLA8Lli_mMmkuu5V2Ax1O2JvXMI4g30n6ZL57eqbkvh31chahPgqADHIcHPxUJMujy51QNSCM7PJMh_u4
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
sync
eb2.3lift.com/ Frame 6331 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:49 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9771 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28207
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 14 Oct 2023 17:45:49 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3350, 209422
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230030-FRA
X-Timer
S1697305549.393573,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame AF69 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhcHBuZXh1c0JpZEFkYXB0ZXIiLCJjb25zZW50TWFuYWdlbWVudCIsImNvbnNlbnRNYW5hZ2VtZW50VXNwIiwiY3JpdGVvQmlkQWRhcHRlciIsImVucmljaG1lbnRGcGRNb2R1bGUiLCJmYWJyaWNrSWRTeXN0ZW0iLCJmcGRNb2R1bGUiLCJnZHByRW5mb3JjZW1lbnQiLCJncHRQcmVBdWN0aW9uIiwiaWQ1SWRTeXN0ZW0iLCJpeEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInRyaXBsZWxpZnRCaWRBZGFwdGVyIiwidW5pZmllZElkU3lzdGVtIiwidXNlcklkIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
569
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8161a363be2a3678-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 17:45:49 GMT
expires
Sat, 14 Oct 2023 21:45:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9771 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
an-x-request-uuid
1745aed5-4875-4be5-89ac-7916d56df2d8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4669 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3a1348bb728ee726f6bc7dfb9f471387a44ddf344292053f6e1b59da534938

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8161a3640ccb9bbc-FRA
content-encoding
br
content-type
text/html
date
Sat, 14 Oct 2023 17:45:49 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCE0gIL6QwXuOLbx3jMqEE1R6XGg7whU86pahblmDp84AKb7chEBePilO0uyOy6NyzacND7bpFBJRsNqT%2FP5vT6AlqCEagIWPTMXkbsXDGecWg6Qz1feMsBB8xydvDMuwi2DXFzBXt247A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 4669
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6901398141378280120
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6901398141378280120
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FuS4ONUEpVDjDhGpPIyQdkeMMQu%2BQyYHjiZDl9IawsQ7Hj6R7jLF8lsnFJN3rMtVuo6AeALBGuZrP6DkbqSojBbN5XjuIxbt13ROuH1WiPIzM6xX2EPoANj3R0JTB6qvm%2BgZ8WiskrQFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a364ad7c9bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
an-x-request-uuid
b10dc0ea-94a8-4648-8f4b-4b4eea671e37
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6901398141378280120
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4669 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 4669
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWExOTc5Y2YzMzlkN2E3YzM3N2E5NzIyYTQyZTEzNw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFAQQs-uoQcu04nwVujgWg&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:49 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 14 Oct 2023 17:45:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1697305549509083-584
Expires
Sat, 14 Oct 2023 17:45:49 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 4669 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.23.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 14 Oct 2023 17:45:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 4669 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-1
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
demconf.jpg
dpm.demdex.net/ Frame 4669
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
34.254.70.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-70-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v052-00f8d6a2d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
u5OQJfawQoI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v052-0589e865b.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Sb4+VbRgT5w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 4669
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JumvsoPia4p7MTJozyzIXGJo2rZaO1UJEErCaTgErxjT42K7Pc4haiSICVware8AyOUVy18BSY8xC9mY0Tj5nAG9dzL27vIJ%2FM9%2F4pXCHQRhB4NfBX3C3wEYF4mteWHc5ATafi8wEV5Byw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a364fdd89bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Sat, 14 Oct 2023 17:45:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 4669
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0INoe5JwVz9c6yAyaNKsLNly2hs
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0INoe5JwVz9c6yAyaNKsLNly2hs
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuueW%2BMTR6jHlfvss9b1bWYD5KAqnG%2Fims3IwXZrL77Np1uC5dgKf52%2F1KwUi8Hmux9BcYMYcPx5K3e2DmLxyI%2BP0NNslievxifWxOlQuxMoM9eNAY4Um8mUqJ6sdc%2B4gYZrFIekZ1lCkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8161a3652e239bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0INoe5JwVz9c6yAyaNKsLNly2hs
Date
Sat, 14 Oct 2023 17:45:49 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4669 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSrTyqea3MnFZ2zVi6Y1jAAA%265238
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbraincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:49 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
3207
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8161a3647f4d3678-FRA
content-length
43
expires
Sun, 15 Oct 2023 17:45:49 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=3ecf455b-f53a-4574-8f50-0dbbb8e37a7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.86.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-86-123.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 14 Oct 2023 17:45:49 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6B68 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27092421&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9cec5dd8c43488aae57a20dbcd78665a5302ed0e51dadbdf50224e8879143b7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 14 Oct 2023 17:45:49 GMT
content-length
1676
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame FF72 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:50 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 7291 		0
0
i.match
s.tribalfusion.com/z/ Frame FD0D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8161a36acc60367a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8161a3697a6d367a-FRA
content-type
text/html
date
Sat, 14 Oct 2023 17:45:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
96
pub
matching.truffle.bid/sync/ Frame ADB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 14 Oct 2023 17:45:50 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 8091
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AC779B793A834B0C89C840625AE57783&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AC779B793A834B0C89C840625AE57783&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 14 Oct 2023 17:45:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 14 Oct 2023 17:45:50 GMT
expires
Fri, 13 Oct 2023 17:45:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AC779B793A834B0C89C840625AE57783&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 8B17
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5592490336
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5592490336
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 14 Oct 2023 17:45:50 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 14 Oct 2023 17:45:50 GMT
etag
RX3d240d029c5c4903811aa156fc5b4710003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5592490336
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
setuid
sync.ex.co/v1/ Frame 56E6 		86 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.187.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-187-77.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Sat, 14 Oct 2023 17:45:50 GMT
vary
Origin
mw
mwzeom.zeotap.com/ Frame 6B68 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8161a36959989966-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 6B68
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:57 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:57 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6B68
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=47e3db36ae33a779e8d6eb31a8122543&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=b95ee0e249e516a8
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-6977a3adf156&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEITjK8tp_RJWTAiOjyKXcNU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-697...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEITjK8tp_RJWTAiOjyKXcNU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-6977a3adf156&zcluid=b95ee0e249e516a8&zdid=1332
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8161a36e1f789966-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEITjK8tp_RJWTAiOjyKXcNU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=63146264-dae5-4152-4bef-942a38e99fb0&reqId=285009fa-fb66-45e8-7d91-6977a3adf156&zcluid=b95ee0e249e516a8&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6B68
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6901398141378280120
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6901398141378280120
Requested by
Host: braincandy.net
URL: https://braincandy.net/?slinky-and-rex-are-from-which-pixar-movie-
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 14 Oct 2023 17:45:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
an-x-request-uuid
6e5b28ed-5722-4e73-8ec8-5b7a5230d51c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6901398141378280120
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9771 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
an-x-request-uuid
c1a0a341-5639-4cea-9efd-9f1a72748384
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
id5-sync.com/api/config/ Frame 2793 		136 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 2793 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 14 Oct 2023 17:45:50 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://braincandy.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 2793 		43 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
x-server
10.45.7.54
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 2793 		63 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
ccc752b573013f4ce4604464de86991662962fa885d48e54c228067dca908ccc

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 14 Oct 2023 17:45:50 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 13 Nov 2023 17:45:50 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2793 		36 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=624104
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37ebf6973334db410c1720972a7b5ca2cdff894771f9b9612e7e04202564458

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tse%2BC9Vt7US5zEzs3wlGJGO4IwEvywjjjTyuT3U%2BvKQg4c86uzO%2B7dH%2F4KLMdEBUNiV12XnoAJrEdcZkQRaQ513aDnQ70lTc6bRGqv5xqEfmjRFig7zagtbVG5tuyhl5kwpOnFmo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8161a36cc9bc9bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 2793 		19 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
an-x-request-uuid
768faf5a-e1ac-407e-89e7-81be4f413337
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2793 		173 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ee259d8a4162293dcd7ce74dfcbc87a3b1a6f8ee87ea9a04eb226a8e3cc11a22

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://braincandy.net
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
Expires
0
prebid
prebid.media.net/rtb/ Frame 2793 		338 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUB64530
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
4814114acc0959c8c2ea7376ed6591922843c26976693a76d912ff3b17e347f4

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:50 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://braincandy.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 14 Oct 2023 17:45:50 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Sat, 14 Oct 2023 17:45:50 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 2793 		33 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
3b3c1a3d37afe992d26921b77b7bf12031b772ca07deda0fedb90a1617053282
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1235.json
id5-sync.com/g/v2/ Frame 2793 		276 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.7.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
88d7576531c093091a07c272bed84777c567867ba8dffa0bb8eb78f55f063855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://braincandy.net
date
Sat, 14 Oct 2023 17:45:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 882D 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
424608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 19:49:03 GMT
expires
Tue, 08 Oct 2024 19:49:03 GMT
last-modified
Mon, 09 Oct 2023 19:46:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 17:45:51 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1343 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 14 Oct 2023 18:16:40 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 882D 		156 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C151404300%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_braincandy.net_5&description_url=https%3A%2F%2Fbraincandy.net&sz=1x1%7C300x250%7C400x300%7C640x400%7C640x480&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1619199866488211&cust_params=pf%3D2f169f9b4e6a&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=1731787552&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=CEF6DAF3-BCBC-4C6C-9B5D-DF7425D3DFE3&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&ref=http%3A%2F%2Fbraincandy.net%2F&url=https%3A%2F%2Fbraincandy.net%2F%3Fslinky-and-rex-are-from-which-pixar-movie-&dt=1697305551130&cookie=ID%3Dbc75b8bca6d07f20%3AT%3D1697305545%3ART%3D1697305545%3AS%3DALNI_MbNfOUNGFn0FHaLOmBXw_6eO4aHUQ&gpic=UID%3D00000cba804d841a%3AT%3D1697305545%3ART%3D1697305545%3AS%3DALNI_MZps8ULZV7rsGXRAjyKQcQKt17vmw&scor=3758997027667303&ged=ve4_td6_tt0_pd6_la6000_er923.1235.1073.1535_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 882D 		0
0
csi
csi.gstatic.com/ Frame 882D 		0
0
track
track1.aniview.com/ Frame 03B0 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 6B68 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158554&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:45:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.57.0-3827f5e/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 17:45:52 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/ 		293 KB
293 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1578401826/landscapeffc7e8d3-8e5b-4b7c-a2cd-bcaa67339809_1578401499694.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
2a56d92e013ecab7a1a36bed73f390679c5e5e3fd77ff33ce82f94e09e79f0ac

Request headers

Referer
https://braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=1570928-1870599

Response headers

Date
Sat, 14 Oct 2023 17:45:53 GMT
Cache-Tag
465587674809349993189178165829297291947,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1570928-1870599/3479128
Connection
keep-alive
Content-Length
299672
X-Served-By
cache-iad-kjyo7100177-IAD
Last-Modified
Tue, 25 May 2021 07:19:55 GMT
Server
cloudinary
X-Timer
S1687819833.629142,VS0,VE183
ETag
"bc37114e8b69b2c540d2ff530b6fc9de"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22071815
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnqbwgz2&c=4148141675021&slotId=2074070837510.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnqbwh9h&c=4148141675021&slotId=2074070837510.5&uet=2&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?r=braincandy.net&sn=&ic=0&tgt=0&app=&wi=&he=&test=&d36=6.2.134&apppkg=&fv=1&proto=https&clsid=5af141e1-2b15-43fd-97e4-d8c0763f2266&rando=88

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| fbAsyncInit function| $ function| jQuery function| checkeu object| tude function| fbq function| _fbq function| obApi function| fb_share function| new_Share string| GoogleAnalyticsObject function| ga object| FB object| __buffer object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| apiObj object| tudeChunk object| LI object| __li__evt_bus object| liQ object| liQ_instances object| dataLayer function| __liSync object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager boolean| pbjsLibraryLoaded object| googletag object| pbjsChunk object| pbjs object| _pbjsGlobals object| _aps function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| STREAM_CONFIGS string| STREAM_ID object| __EXCO string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk object| regeneratorRuntime function| setImmediate function| clearImmediate function| rrssbInit object| jQuery11110744111955562434 object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ string| pbPageIdentifier object| Criteo object| process object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| wpJsonpExCoAdPlayer object| ID5 object| CEDATO_API object| CEDATO_TAG object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| owActionQueue object| google_llp object| __id5_instances function| Hls object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_548406 object| closure_lm_442529

118 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: fb6655f5-abb4-4db0-9c92-fe04ac519d75
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCgFgoJCP____8HEKoW
i6.liadm.com/s Name: _li_ss
Value: CgA
braincandy.net/ Name: ASPSESSIONIDCSBCQRDS
Value: MLGPDOBBMKOBFCPNLEDNAOLG
.braincandy.net/ Name: _ga
Value: GA1.2.1891901609.1697305546
.braincandy.net/ Name: _gid
Value: GA1.2.15164566.1697305546
.braincandy.net/ Name: _gat
Value: 1
.braincandy.net/ Name: _li_dcdm_c
Value: .braincandy.net
.braincandy.net/ Name: _lc2_fpi
Value: caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y
.braincandy.net/ Name: _lc2_fpi_meta
Value: {%22w%22:1697305545669}
.braincandy.net/ Name: _fbp
Value: fb.1.1697305545822.1179401612
.braincandy.net/ Name: _ga_KGND54FWRV
Value: GS1.2.1697305545.1.0.1697305545.60.0.0
.liadm.com/ Name: lidid
Value: fb6655f5-abb4-4db0-9c92-fe04ac519d75
braincandy.net/ Name: exco-uid
Value: ezojkt0mw6l3qnor
.spot.im/ Name: device_uuid
Value: 5c353721-3614-46a4-b17c-d827770cdc64
.sli.braincandy.net/ Name: _lc2_fpi
Value: caf62bed74b7--01hcqmpjy5ssm89p2vb4a19v8y
braincandy.net/ Name: ASPSESSIONIDCWBCQRDS
Value: ENGPDOBBEHJJAJOKNGJHPHPE
.ex.co/ Name: exco-uid
Value: 2e3238342e363938
.casalemedia.com/ Name: CMID
Value: ZSrTyqea3MnFZ2zVi6Y1jAAA
.casalemedia.com/ Name: CMPS
Value: 5238
.casalemedia.com/ Name: CMPRO
Value: 5238
.braincandy.net/ Name: spotim_visitId
Value: {%22visitId%22:%225c353721-3614-46a4-b17c-d827770cdc64%22%2C%22creationDate%22:%22Sat%20Oct%2014%202023%2019:45:47%20GMT+0200%20(Central%20European%20Summer%20Time)%22%2C%22duration%22:0}
.openx.net/ Name: i
Value: cd110ab0-9c81-4fe7-bbca-498744cf944a|1697305546
.adnxs.com/ Name: uuid2
Value: 6901398141378280120
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 2577741385566063339
.doubleclick.net/ Name: IDE
Value: AHWqTUlGVMGF9Cr9iP33ETblcy6--LFY_NMX6s5WROnz-r-FiYNRXsAHje9PAnTcttQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ads.stickyadstv.com/ Name: UID
Value: 9a1979cf339d7a7c377a9722a42e137
.quantserve.com/ Name: d
Value: EP0BCwGXKvijAA
.quantserve.com/ Name: mc
Value: 652ad3cb-4e148-4fe7d-5a683
.bidswitch.net/ Name: tuuid
Value: d97069ae-14d3-49e4-b07b-321ccac866af
.bidswitch.net/ Name: c
Value: 1697305547
.bidswitch.net/ Name: tuuid_lu
Value: 1697305547
.adx.opera.com/ Name: UID
Value: OPUbf6174feb14e4b24961922853e2c8e3b
.adfarm1.adition.com/ Name: UserID1
Value: 7289871815694743698
.adsby.bidtheatre.com/ Name: __kuid
Value: 955ac8f3-81c0-4bd0-80b1-f5ee2af90f34.466519547
.weborama.fr/ Name: AFFICHE_W
Value: sbk@xQj@HrOx75
.ctnsnet.com/ Name: cid_094b05af8cc04ef2b54f8378f303fcb8
Value: 1
.simpli.fi/ Name: suid
Value: AC779B793A834B0C89C840625AE57783
.csync.loopme.me/ Name: viewer_token
Value: 6bb586f4-50b5-456a-89f2-b60f5b0731b9
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003%22%7D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjCytDQxMjU0shDiM9T1KHE1sfDN90z2ybcEAP0vna0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjCytDQxMjU0shDiM9T1KHE1sfDN90z2ybcEAP0vna0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlubGBqamJubGEMAP_NrrsQAAAA
.de17a.com/ Name: guid
Value: 1.9039262152919640350
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7289871815694743698&KRTB&23369-7289871815694743698
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6901398141378280120&KRTB&23339-6901398141378280120
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2577741385566063339&KRTB&23150-2577741385566063339&KRTB&23527-2577741385566063339
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSrTywAX3gUUswAb
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb&KRTB&19420-Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb&KRTB&22979-Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb&KRTB&23403-Y0wX6DFKRut4TUC4YUEIvTMcEu14TES_bUoUV3wb
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559730299425128
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ_xk4_qL6QJOB4-85XY_6k&KRTB&23025-CAESEJ_xk4_qL6QJOB4-85XY_6k&KRTB&23386-CAESEJ_xk4_qL6QJOB4-85XY_6k
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUbf6174feb14e4b24961922853e2c8e3b&KRTB&23485-OPUbf6174feb14e4b24961922853e2c8e3b&KRTB&23524-OPUbf6174feb14e4b24961922853e2c8e3b
.adform.net/ Name: uid
Value: 7550100756346093214
.onaudience.com/ Name: cookie
Value: b95ee0e249e516a8
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9039262152919640350
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7550100756346093214&KRTB&23263-7550100756346093214&KRTB&23481-7550100756346093214
.bumlam.com/ Name: suuid3
Value: IiQ4MWQ0ZGRkMC02YWI5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.bidr.io/ Name: bito
Value: AAEvIE7KVagAABjnezesDg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhRVnnanXWRnVbUgS
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f2141605d7b1c625
.amazon-adsystem.com/ Name: ad-id
Value: A4MEke0fw0vXp7eTFmuiFkw
.fwmrm.net/ Name: _uid
Value: uml1229_7291002322987976104
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%2F30tiI8jtvJqu%2FWwaSuy8xQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d083687b-9270-573f-5ceb-203268d2ac2c.yVX0NuDnwGO6rZAerbWC%2F30tiI8jtvJqu%2FWwaSuy8xQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0INoe5JwVz9c6yAyaNKsLNly2hs.8omT8wW5eQ%2BUKcfhcsm59I3rK2UsGLto8rDcuyB7g9A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCDLp6upBjABOgTwLrJgQgQJ98Sx.AwW516N2vcBK5m2BqMhnfklMYEKik1vuCjjLS8v66pU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAHdrdrnKhTL6x10ojWX_x2eEetS1eWMyOQxsMRVvNPgEHwYBCDLp6upBjABOgTwLrJgQgQJ98Sx.AwW516N2vcBK5m2BqMhnfklMYEKik1vuCjjLS8v66pU
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.audrte.com/ Name: arcki2
Value: eaaV0XK3TURTPek0Ty3X2gQPA!20220908!1697305547679!ip#217.114.218.27
.audrte.com/ Name: arcki2_pubmatic
Value: BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C!20220908!1697305547682
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1229_7291002322987976104
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1229_7291002322987976104
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23334-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23417-0INoe5JwVz9c6yAyaNKsLNly2hs&KRTB&23426-0INoe5JwVz9c6yAyaNKsLNly2hs
.smartadserver.com/ Name: pid
Value: 2913900273055427010
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAEvIE7KVagAABjnezesDg
.audrte.com/ Name: arcki2_ddp2
Value: eaaV0XK3TURTPek0Ty3X2gQPA!20220908!1697305547840
.braincandy.net/ Name: __gads
Value: ID=bc75b8bca6d07f20:T=1697305545:RT=1697305545:S=ALNI_MbNfOUNGFn0FHaLOmBXw_6eO4aHUQ
.braincandy.net/ Name: __gpi
Value: UID=00000cba804d841a:T=1697305545:RT=1697305545:S=ALNI_MZps8ULZV7rsGXRAjyKQcQKt17vmw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEvIE7KVagAABjnezesDg
.pubmatic.com/ Name: PugT
Value: 1697305547
.audrte.com/ Name: arcki2_adform
Value: 7550100756346093214!20220908!1697305547996
.googleadservices.com/ Name: ar_debug
Value: 1
.braincandy.net/ Name: __li_idex_cache_e30
Value: {}
.braincandy.net/ Name: __li_idex_cache_e30_meta
Value: {%22w%22:1697305548430%2C%22e%22:1697309148430}
.aniview.com/ Name: aniC
Value: 1697305548947-994490128279-001177-000-000085
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEGFAQQs-uoQcu04nwVujgWg
.demdex.net/ Name: demdex
Value: 66296667577831424623104175529866254497
.dpm.demdex.net/ Name: dpm
Value: 66296667577831424623104175529866254497
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158554:4
.pubmatic.com/ Name: DPSync3
Value: 1698451200%3A219_197_201_245_241_235_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1698537600%3A35%7C1698451200%3A54_234_56_165_204_243_71_254_176_249_8_46_166_161_238_81_251_214_13_3_22_55_21_233_196_264_220_88_99%7C1697846400%3A223_2_15%7C1698105600%3A63%7C1702425600%3A69%7C1699833600%3A203
ads.playground.xyz/ Name: connect.sid
Value: s%3A1lZc2bCV9C9PpGSVYrshbh57xqYeCfsW.IglHTH9y6VY9fEBCnc%2Fb2Trsowaf0qbiqJeUM%2Fr2bEw
.zeotap.com/ Name: zc
Value: 63146264-dae5-4152-4bef-942a38e99fb0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3d240d02-9c5c-4903-811a-a156fc5b4710-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.ex.co/ Name: exco-uids
Value: {"freewheel":{"UID":"9a1979cf339d7a7c377a9722a42e137","Expire":"2024-10-13T17:45:47.524224128Z"},"ix":{"UID":"ZSrTyqea3MnFZ2zVi6Y1jAAA\u00265238","Expire":"2024-10-13T17:45:47.139738493Z"},"pubmatic":{"UID":"BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C","Expire":"2024-10-13T17:45:50.317141822Z"}}
.semasio.net/ Name: SEUNCY
Value: 319C79A0FECFD048
.onaudience.com/ Name: done_redirects161
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a2ntuJP3rT7CiAyPqHM6F6x8y3LsQOGlcXcQnd6VZbaPb7rYqLZb5b05aUML37Zcgw5P7fjGZcqRItMFMr7qiGo3M0kx
.exelator.com/ Name: EE
Value: "47e3db36ae33a779e8d6eb31a8122543"
braincandy.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
braincandy.net/ Name: _lr_retry_request
Value: true
braincandy.net/ Name: _lr_env_src_ats
Value: false
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHEPNU4JcnYLDHV2DjR3Nwy1SLFLDXJ2DDRwtDIyNTEeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6IhfXxUUpaQyLSopPBR%252BdvgwAmPgqaw%253D%253D"
braincandy.net/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-14T17%3A45%3A50%22%7D
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %94%C27n%E4%C7u%E7%BC%98%E4%96%92w0%93I%28%C6%B6q%9A.m%D3%C3%D6%14%DF%FE%1Et.%DBl%1D%EF%BB%5EF%F9a%0D%0CJ.%3E%C8FMB%FE%08%C56%0E%BB.%EE%1EQCF%3Al%23Z%3E%1E%9E~%9F%F8C1z%3D%9A%242%D7%C1%A1
.pubmatic.com/ Name: SPugT
Value: 1697305551

8 Console Messages

Source Level URL
Text
network error URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZSrTyqea3MnFZ2zVi6Y1jAAA%265238&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cloud1.braincandy.net/images/bouncearrow.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C?gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BFAEE0D3-A1FF-4FFA-8975-55F3D65EC78C&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pr-bh.ybp.yahoo.com/sync/casale/ZSrTyqea3MnFZ2zVi6Y1jAAAFHYAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1#RS-1-&adk=1812271801&client=ca-pub-3297660157133908&fa=1&ifi=7&uci=a!7&btvi=1
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.playbuzz.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ajax.googleapis.com
amplify.outbrain.com
ap.lijit.com
api-2-0.spot.im
api.rlcdn.com
b-code.liadm.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
braincandy.net
c1.adform.net
cdn.ampproject.org
cdn.ex.co
cdn.indexww.com
cdn.playbuzz.com
cdn2.triviatoday.com
cfef22c6eff9f58b685bc7a36d124d38.safeframe.googlesyndication.com
cloud1.braincandy.net
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
collector.ex.co
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
direct-events-collector.spot.im
dis.criteo.com
dmp.adform.net
dn0qt3r0xannq.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.channelexco.com
e8c5e7f451e2c8dfad07ed60d1e8a4f5.safeframe.googlesyndication.com
eb2.3lift.com
edge.aditude.io
embed.ex.co
embed.playbuzz.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
gpv.ex.co
green.erne.co
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.ex.co
ipac.ctnsnet.com
js-sec.indexww.com
launcher.spot.im
lb.eu-1-id5-sync.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mcd-sdk.playbuzz.com
mcd.ex.co
mwzeom.zeotap.com
netdna.bootstrapcdn.com
p.channelexco.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.ex.co
pixel.onaudience.com
player.aniview.com
player.ex.co
polyfill.io
pr-bh.ybp.yahoo.com
prd-collector-anon.playbuzz.com
prd-collector-platform.ex.co
prebid-server.rubiconproject.com
prebid.media.net
pubads.g.doubleclick.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s-114.channelexco.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sli.braincandy.net
spl.zeotap.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static-cdn.spot.im
static.criteo.net
static.ex.co
stats.g.doubleclick.net
stream.playbuzz.com
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.ex.co
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track1.aniview.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vop.sundaysky.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
csi.gstatic.com
track1.aniview.com
104.18.25.18
104.18.26.193
104.18.27.193
108.138.17.121
108.138.7.47
141.226.228.48
141.95.171.141
142.250.185.130
143.204.98.105
146.59.148.16
151.101.130.137
151.101.193.108
151.101.194.132
151.101.2.49
151.101.66.132
162.19.138.118
162.19.138.119
173.231.180.197
178.250.7.11
18.134.84.21
18.158.97.142
18.66.112.47
18.66.97.41
185.64.190.78
185.86.138.153
188.166.17.21
193.0.160.130
193.108.153.5
195.5.165.20
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.184
216.52.2.6
216.58.206.34
23.201.255.110
23.35.236.201
23.35.237.86
23.52.120.246
23.53.42.130
23.60.206.246
23.82.15.159
23.82.15.161
23.88.86.2
2600:1f18:730:b110:29c6:1e04:f1b2:383c
2600:1f18:ed:550a:b341:11f2:35f0:bbbb
2600:9000:211e:200:1e:cbf7:e640:93a1
2600:9000:223c:ac00:8:8845:1500:93a1
2600:9000:225e:3000:19:b6f1:d180:93a1
2606:4700:10::6816:3c77
2606:4700:10::ac43:db6
2606:4700::6812:19ad
2606:4700::6812:bcf
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:d::a
2a02:26f0:3500:58c::2c79
2a02:fa8:8806:20::2010
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::649
2a04:4e42:c00::282
2a05:d018:d29:3602:d271:299f:5c6e:4925
3.125.58.108
3.210.64.86
3.215.243.137
3.220.21.116
3.223.59.142
3.230.86.123
3.234.2.218
3.75.62.37
31.172.81.158
34.102.253.54
34.111.129.221
34.111.131.239
34.120.133.55
34.120.63.153
34.254.70.163
34.91.62.186
34.95.81.168
34.98.64.218
35.173.102.74
35.186.193.173
35.214.228.230
35.71.131.137
37.157.4.28
37.252.171.149
44.198.14.39
46.228.174.117
50.17.233.50
50.31.142.223
51.222.80.231
52.205.187.77
52.208.23.16
52.44.10.91
52.46.143.56
52.94.222.140
54.165.244.88
54.198.183.8
54.78.254.47
63.35.30.113
67.229.238.21
67.229.238.34
69.173.144.137
69.173.144.138
70.42.32.191
76.223.111.18
77.243.51.121
81.17.55.171
82.145.213.8
85.114.159.118
98.98.134.241
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
01d8c1ea393af41a8ad21a043de5cf3d4afd983e8694f42b6a30957b8ce7a0a8
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
089ca7c196871f14a5e353f41c417ef7bd6db262c7df9590a7f33e044f89c701
0a03a9427932cfe62b173c84a6d54a73d22de419cbaed9f931039a0e6e22680b
0bd8d5f67a59939fe7774bed8fd33f1dee7d93c2e16b74963b7badc5f70da8c8
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
0f3f82cb3284225e8134e4fb22699b90ddc1a943b82b955ffdd83601e4c5776a
15464aab749c60569ecf70fbd7d493585f4463a37ed0ae11412408216612390f
1786cce893b278edad7f6cb51a84df30288832417c56e8bee13f266acc7d4dba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6326b91d3429b8d1c250ccfa1b6422671a95cf052d8d2951d2feacd5d7f70
19591c7c918111c858dea69c3dacccca129a8ae9518da8c304b958a8b39529b3
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1a027d6861ec0e191b574a49c08e88c350e832c20bac20963506fb3371025398
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dd838ebd3174f3cd09e80284d620fe217debc3ef385362efa7d653521e05434
1f182033b5c59c76cb3e6799ee48546d42d73b1ee503757054a6919b4680e34f
1f3d6e6e9f0f99b3076b9f92c227fbaf95f00f6418b03bcdb2324069b1a3f332
208b4b048294a268014bf746fefd00c58aed4f9e5dcc6b796198b79875d70fc3
21b4063f18a1526154a47821e6a23880fd2a8da05b13c0d637aed496495b5094
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
2307871f3548016ae838e0cea561baac19dac7861c02c38721a93b0db487b9e3
24348bb95815bc01ef8884e6ff2c283eb6f35da9ae19a275ccfeda0f0a050db1
25bfc4c32a75641ce91bc561de2f56bbf7ad94b0daf238e23473f47ec8540826
29c4aabc9e3e6e1f48cdc539d2af2df9cbf2019710f7326be15372cbeef2c502
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a56d92e013ecab7a1a36bed73f390679c5e5e3fd77ff33ce82f94e09e79f0ac
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e152cb1fd3122d988230f1ac60d8e0bafb31be721698ff5e398648b7d659fa6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
347944ca0ebf6a036ea1fd84834fddce27c9b46d65d8f2e35ec2aa63861a4d17
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38346c661a5d9c7cac02ddcf5012e9905d07a9246d501065551a8a5b3f7f6f9a
3910c68ffb5d3d3232bb2af0230b347ade3c3cc18cda7e12326fd93e3e8dcde8
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b3c1a3d37afe992d26921b77b7bf12031b772ca07deda0fedb90a1617053282
3cd9e48c594b383c242b82b0598e3b92726318e60463a02ff8c464070edabb96
3cf5e33c2cc54437165d892b2424e9c9b602bad94cb8a28b4912dd08cd444722
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dce12275d63ce38bc757939d7601093deb9c363901adf77ae27e96599466f7c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43a56f7425c0c4274da9f324fbf4b81d0fcc5943d83c4d7d964aa055655786cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45365c86867f885bddc40a3e5079313f14e6dcc7632733b5d836b39bf685a373
45745db6a137b469e44e00d469622072b166e516122635d284d5039573b79ddb
464573ecd97a3c56be074a2ee2c1893f3e181d76ac1bd336a73cb5102ee9b4fb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4814114acc0959c8c2ea7376ed6591922843c26976693a76d912ff3b17e347f4
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
48a68501dc91b163ceee7d21567464e6a60a7b645799b4b4f35284af7cfb7155
48b5f633527448f0fa407da7e38349f9b0de6e3533903d5afbaadba5df2fbeea
496913b9c2146703e5452254e115bfa25d1e6e690138448ed9a47757c8fa6826
4c023fcd1306cd96b7f44c8907ae754615fd8fc7ee0cca7e0676b8ff246efe1b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51c400482c1bc05ee87f4c011ef47ee7333b26680c582d6229368792f03d6376
52f7416e2ef56a07aa9119a19fa820dd609e8d538f225303b7334c9bfcbaa08d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56453e26ac78fb9fafc889804ff270da78f743fa07c597ca054cdb9522cc0e6d
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
573578494667f15a89f574fedfab20b31e6aaee9179ee9d02bfb1713ec1b37c7
594a2d0001537344531d1eef2fbf967a3dcb3f8dcbcc1184f0d35b46ac83be10
59ffbb394ce988b8189489962ded843cd83fbdfd1165b70d6115a9b6adff1951
5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d6b42cc5d40022de8533bc7cdbe8782d3b1fb536807348cc1ea5c74f14b3c67
5ddf593f4a8eddcd3d638a211dd91a517bd07b43f8ea933695dfc161b8e2679f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
640938121f0b348ec4da0771b5467f86c5400fc64e8bd449e01693dd0807f066
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba
64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30
6550eea853d332872011bc2d37c62a771d5f416a1ef55ebed97b4c3486f78b93
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d7642529b80309658a078c45c7eaedfcabb2908875d8c4f0e8a4019cd557e4
65e395eaf483bab73e06fff53895325935aca59a890d417a35e9b2164ac4bbff
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee
67a7539e8990fa31d741a9bb47eb0edc6f98b258bc709fcce29d7626e8983236
68031755c4fdafd7d6052543494d9babe8d922afad6d3ab44107639520e9590e
6860711cd1d404b5deadc7c56fa8d4fc1f268100f02b049df785758209f98daa
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
69bdd7ec44a5888abae0bc4e4fa9eb24de4009270e5202334e50a86a58fbdc87
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
71520f54930c384684a5488ebb69caad29c76d23cda084a6c22692a14d4c6f37
71de86e5f5fa94855e4bf620522e8fbef506808812bb27814d7375fd89cc9f1f
75fb3e2fec5d57e634dd2a97afd2bb7139c6cb0f1f56f9f57ce2c797e671364f
7835551bec8862236a154ec97f9b56e254b1993b221b1af1684ca98e8cfeb0b8
78b7236e2cd78ad5a0c1e6df5502c708951d4c209b6b308cd697fe3aaa4dea4e
78f774f73ddd00473baccc5eb0ffef0b99f1f764edaab84f5bffdf29a2b6c888
7a463c12629183ab9f0e8825bf3ea26819d9a34c8675f3a5b6eb960ea7a702fc
7b0b5b6cc8836d99c04643ad7e24eacee99f5d636c18dc3b90fb6296d707d2fc
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f1f89da2c6664a007a0154ef5754307dc935d4d41027b42de9fe8372eff52f7
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80baea20eed7cd8dea7c21d76bce11e9f8da24d2f7f66f2f2ba1f3a0529855e3
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86b35b361191142c58558a79e7beab10d554c65b1d42b90ed7b02feaa4f01791
86f04710697327eec94b61b3bf14773f3f89193af7b68dbb4afe3eca8947c48d
88d7576531c093091a07c272bed84777c567867ba8dffa0bb8eb78f55f063855
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90a65acb8eab6f864489f9472c87fee1db5f3be04b4099dc4d1b015a2690df08
90e4547dfa657658f813b3c9e2e5ffb7acb75d00c33e50d6e4b49533dec3f432
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
93942ee84db05d090872fb3bb4a3872e179fd86a71eec48b8e576474ea0ad844
93e8d3970bd7070d509018a35a8755ae651fa203631214e14be856a635dd34d9
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94a06f5d67261e40bcc0bbc986b220c4cb4e94670daba28134dffb693a2d2d23
958993d96b69d9a02da7da8b3ce21bd7dbf7c0ce0beea89da09496fc0466a074
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99ae6a4f45064a2e9bd70b637423dd0fd1c9f949497db47cfc3337b8364320ac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99dba73b4476a73af9f50b2ebf4b24efd8982eb26b6928cc9701e4574a441f4f
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9cec5dd8c43488aae57a20dbcd78665a5302ed0e51dadbdf50224e8879143b7c
9fa4c56c7d77b76d292f095251eb03edecd2ea93793517fc6505e40656a49ef7
a3459b962e84e3c220ee6d61d02f8e07c099bf45b5484b2217146ee0a73c2413
a602e303fbe5b5ec73ec29709b73eb4435daf17afa71fb25d725f2d2547453e2
a6c88ed56ad5d14c3e56085839ad254a43184549a6710bcd9f61cd3c929f7c0f
a8e24ae7909de25f1fc203f4fb5b7c1479f12bf741659d83dc64bc0acdb70016
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa114ed26766bd02a687cc0ea687d20e203332d27caf4978fe31104e5e1876dc
aa3d665474811eb2f9ddcdb1d1aac8e32c168ad5769cfe5805c2efffb8379cfa
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
ae714a96a90cb96d9571e73e9b0b7a5ef1fc835930c0c5aca5eeadff150097ae
b0c3d8af40cf21c9e5be531d89c120a2fa402a2050842fa43ac8379b7cccfca2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b38571c0d56331f055c5ae512fa13ee544dd6e45ecbd2cabd121fed90755f8a6
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b68a709a38df4e859574817d2affcb1a2f856f5f998af4a0d6a340a520a3115d
b9109c766dc0160b4ce5ecb62f225f5eb3aee3150533364065359dee8f991d75
b944c35a670304f91362be29db5c48c02aba9dc2ce88eae623070e57340e02c1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb48d8ef2dda7d331c491f42d487495a44fdc3b3ec517571ff8d4e5c58d28b85
bc170fe095e8d03bce73ccb7e3392e2bc7fd8c1651448b2976742e69fe2b6de5
bf05350af6e8d159a65b2878e2cacb00a9176d0b5652f9d2beeb5706e11b06b0
c12f7a57e5d868832ea4fd936bccb4bf911b0c3fafb75e4179805ccbd2a7593c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a8994e75f6d8e4b91c424d116bfd1dcd0e95266eb4491ced9a722c997f756d
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f
c71aa930b8b7481b45f84cfc378f028809a044d72cef16af70fd0cccacda58bf
c75273e4d47ff352f615d364801ba7756f2a462e5d642ff22d426ce9691ca3a1
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
cadbfff60ae673d4c55b6236da6413593e6ad5c30e764170f07ac0bba8836ddb
cbb00b5bfb2b3fbca7a51c41963b6f3a7215180d8841d2f58a147f2608372764
cc4ac67ce73afa5c451da91a810141b264e80ad994245f86fdf0e01fdaf0b5ea
cca2530583b32a1a0425ab9bb03a19bd59fb941c42d1a2a06f91e0b62559eda2
ccc752b573013f4ce4604464de86991662962fa885d48e54c228067dca908ccc
cd8d2c40d61771b78ef167acb01c529d168e88ae2a8d386309860cce698caa5d
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf77a1fa2302f84eda2e622959e0ba7e78ad3355af7fb2d6b3645d767c039c43
d0155673a6ca77fd823260e3e3a2a34c3a93acb4b0c5740a3d24a877c7f4cda4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
d1aaa4dbeb17bda24b86aff296cc9ab4c02e5aa6d36f0c7de9a878c46d179963
d4153d690cbdff24f804a3e390a2b7bd8e69d72884fd511addc3baca6b924176
d4163e1de8e0a8bdc6fe00726193ea7ae2dcce636d0c04b6eb1ca9c26f370ba9
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9e6c8260c838073cab6862bbe54970e2c039bf5d0747061874509c87a1a84ef
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
df3a1348bb728ee726f6bc7dfb9f471387a44ddf344292053f6e1b59da534938
df478d5accf4ef12cb7440bcb562fa5b89dd9f8efe45fd2e6b42674a0fa8c3c5
e0251f08e22056539cac886be78fd3aedf6d08584ac4a1aaec760018c399fdf7
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2f2b0e37bd40774b388c384dfc2259f6ebc4f5539ec528ce4fbff9a2d1d2d5b
e37ebf6973334db410c1720972a7b5ca2cdff894771f9b9612e7e04202564458
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53cb24df239039f646add3d27e957daa0699fbd3745ee081a6dfd11c4a09425
e8d7a0e219ee46fd35b0c06716cb474e85d6ce786dd081427d5a9fbd41b316b7
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
ea8ee5cdadef18068feaa8ff375d2b9b21c5f1eedfd2842f766a5376eb36d084
eb0b2811eb15bdd0d977392aebd8a8125f23c8aa072eeb7255cce645f8228eae
ed02dd1f4d3990a71f37387e64a6b85398930578778916e83e7b5f314ae65cea
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ee259d8a4162293dcd7ce74dfcbc87a3b1a6f8ee87ea9a04eb226a8e3cc11a22
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb4ff07f2d3b939a0605988e573a3b54d612ac7e2f839109e7d279800a9b3cef
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fda6d31bf9df409dd091a643f742ca0e2f42e39aff9106003473239a284ef526
fe9e726107e3ed28ff6b7ab4247307ae5adf881a7ea2a51159dcce989103290f
ff570ffbb5fb4f90d2e76e06cd61b6042258302890156d953b59942fc9599068