urlscan.io logo urlscan.io
SecurityTrails logo

trivia.braincandy.net Open in urlscan Pro
67.229.238.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trivia.braincandy.net/
Effective URL: https://trivia.braincandy.net/?038e28c5-news-template-
Submission: On September 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 12 countries across 102 domains to perform 622 HTTP transactions. The main IP is 67.229.238.21, located in United States and belongs to VPLSNET, US. The main domain is trivia.braincandy.net. The Cisco Umbrella rank of the primary domain is 418062.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 20th 2021. Valid for: a year.
This is the only time trivia.braincandy.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 67.229.238.21 35908 (VPLSNET)
10 2a03:2880:f02... 32934 (FACEBOOK)
19 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:225... 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 2 108.138.7.126 16509 (AMAZON-02)
1 18.66.122.119 16509 (AMAZON-02)
8 23.35.237.86 16625 (AKAMAI-AS)
1 67.229.238.36 35908 (VPLSNET)
1 67.229.238.34 35908 (VPLSNET)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
9 70.42.32.63 22075 (AS-OUTBRAIN)
12 23.35.229.181 16625 (AKAMAI-AS)
1 18.66.97.91 16509 (AMAZON-02)
4 18.66.112.59 16509 (AMAZON-02)
5 108.138.17.121 16509 (AMAZON-02)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 18.210.127.151 14618 (AMAZON-AES)
7 178.250.0.165 44788 (ASN-CRITE...)
4 3.127.45.54 16509 (AMAZON-02)
42 104.18.19.126 13335 (CLOUDFLAR...)
4 20 37.252.172.250 29990 (ASN-APPNEX)
2 151.101.114.132 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 108.138.7.47 16509 (AMAZON-02)
2 151.101.130.132 54113 (FASTLY)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 54.165.142.21 14618 (AMAZON-AES)
10 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
2 6 107.21.27.26 14618 (AMAZON-AES)
1 23.36.162.73 20940 (AKAMAI-ASN1)
2 151.101.66.132 54113 (FASTLY)
1 151.101.194.132 54113 (FASTLY)
2 2 185.29.134.248 30419 (MEDIAMATH...)
5 35.71.131.137 16509 (AMAZON-02)
4 5 3.67.157.21 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
2 4 34.241.100.149 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
1 2a04:4e42:400... 54113 (FASTLY)
3 3 50.31.142.255 23352 (SERVERCEN...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 142.250.181.226 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
11 62.149.1.122 15497 (COLOCALL ...)
4 5 185.94.180.125 35220 (SPOTX-AMS)
1 1 3.120.95.199 16509 (AMAZON-02)
4 7 3.126.56.137 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
5 2600:9000:249... 16509 (AMAZON-02)
6 45.133.44.4 7018 (ATT-INTER...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 34.199.10.63 14618 (AMAZON-AES)
1 198.47.127.19 62713 (AS-PUBMATIC)
4 52.222.209.55 16509 (AMAZON-02)
10 2a0c:5c81:514... 55081 (24SHELLS)
2 45.133.44.3 39572 (ADVANCEDH...)
1 23.36.163.232 20940 (AKAMAI-ASN1)
1 3.224.43.174 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a0c:5c81:514... 55081 (24SHELLS)
2 108.128.210.64 16509 (AMAZON-02)
3 169.197.150.8 398989 (DEEPINTENT)
2 213.19.147.43 3356 (LEVEL3)
1 34.107.148.139 15169 (GOOGLE)
1 216.52.2.30 32475 (SINGLEHOP...)
1 185.255.84.151 200271 (IGUANE-)
1 198.47.127.22 3257 (GTT-BACKB...)
1 50.31.142.223 23352 (SERVERCEN...)
2 185.184.8.90 204995 (RTB-HOUSE...)
5 2602:803:c003... 26667 (RUBICONPR...)
1 6 51.89.9.251 16276 (OVH)
1 35.244.159.8 15169 (GOOGLE)
3 3 23.75.240.210 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
2 7 76.223.111.18 16509 (AMAZON-02)
2 147.75.85.234 54825 (PACKET)
8 44 104.18.18.126 13335 (CLOUDFLAR...)
5 5 213.19.147.44 3356 (LEVEL3)
6 66.155.71.150 13768 (COGECO-PEER1)
2 35.186.253.211 15169 (GOOGLE)
5 2a02:2638::3 44788 (ASN-CRITE...)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 16 142.250.186.66 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 4 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 37.157.6.246 198622 (ADFORM)
1 135.125.163.79 16276 (OVH)
4 54.175.105.5 14618 (AMAZON-AES)
1 2 37.252.172.249 29990 (ASN-APPNEX)
1 185.86.137.108 201081 (SMARTADSE...)
1 8.43.72.98 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 3 54.239.38.253 16509 (AMAZON-02)
1 2a00:1288:f03... 10310 (YAHOO-1)
4 7 52.46.130.91 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2600:1f18:612... 14618 (AMAZON-AES)
16 185.94.180.123 35220 (SPOTX-AMS)
7 23.35.236.247 16625 (AKAMAI-AS)
4 151.101.193.108 54113 (FASTLY)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 151.101.130.49 54113 (FASTLY)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 193.0.160.128 54312 (ROCKETFUEL)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 52.213.154.120 16509 (AMAZON-02)
2 5 37.157.4.23 198622 (ADFORM)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.213.85.80 14618 (AMAZON-AES)
1 1 52.205.37.96 14618 (AMAZON-AES)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 154.59.122.79 174 (COGENT-174)
2 3 169.50.137.182 36351 (SOFTLAYER)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 54.194.161.205 16509 (AMAZON-02)
3 3 3.121.253.223 16509 (AMAZON-02)
2 2 135.125.160.160 16276 (OVH)
1 1 54.236.193.228 14618 (AMAZON-AES)
1 141.226.228.48 200478 (TABOOLA-AS)
1 52.20.76.38 14618 (AMAZON-AES)
1 185.170.61.232 27381 (CASALE-MEDIA)
1 2600:1901:0:7... 15169 (GOOGLE)
2 2 54.225.153.167 14618 (AMAZON-AES)
2 2 34.95.81.168 396982 (GOOGLE-CL...)
2 192.132.33.46 18568 (BIDTELLECT)
3 3 34.96.71.22 15169 (GOOGLE)
1 2 18.233.196.70 14618 (AMAZON-AES)
2 3 23.75.246.168 16625 (AKAMAI-AS)
1 1 185.183.112.148 60350 (VP)
1 1 52.86.113.127 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 142.250.185.70 15169 (GOOGLE)
1 2 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
1 18.132.138.70 16509 (AMAZON-02)
7 178.250.2.146 44788 (ASN-CRITE...)
1 18.66.147.98 16509 (AMAZON-02)
1 18.66.147.59 16509 (AMAZON-02)
2 162.19.138.118 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 18.203.72.119 16509 (AMAZON-02)
2 3.8.108.133 16509 (AMAZON-02)
622 136
20    67.229.238.21 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.229.238.21.STATIC.KRYPT.COM
trivia.braincandy.net
10    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
19    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2600:9000:225e:a400:19:b6f1:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)
dn0qt3r0xannq.cloudfront.net
16    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:223c:b800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    108.138.7.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-126.fra56.r.cloudfront.net
recirculation.spot.im
recirculation-cf.spot.im
1    18.66.122.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-119.fra60.r.cloudfront.net
launcher.spot.im
8    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
amplify.outbrain.com
widget-pixels.outbrain.com
1    67.229.238.36 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.229.238.36.STATIC.KRYPT.COM
cloud1.braincandy.net
1    67.229.238.34 (United States)

ASN35908 (VPLSNET, US)
PTR: 67.229.238.34.STATIC.KRYPT.COM
cdn2.triviatoday.com
10    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
9    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
mcdp-nydc1.outbrain.com
12    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    18.66.97.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-91.fra56.r.cloudfront.net
direct-events-collector.spot.im
4    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
publisher-assets.spot.im
5    108.138.17.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-121.fra56.r.cloudfront.net
api-2-0.spot.im
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:1f18:730:b130:1296:7358:4f0d:4115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    18.210.127.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-127-151.compute-1.amazonaws.com
rp4.liadm.com
7    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
4    3.127.45.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-45-54.eu-central-1.compute.amazonaws.com
tlx.3lift.com
42    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
20    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
14    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
6    108.138.7.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-47.fra56.r.cloudfront.net
static-cdn.spot.im
2    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
embed.playbuzz.com
5    2a02:26f0:3500:18::1724:a297 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.ex.co
3    54.165.142.21 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-142-21.compute-1.amazonaws.com
prd-collector-platform.ex.co
10    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
32    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    107.21.27.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-27-26.compute-1.amazonaws.com
i.liadm.com
1    23.36.162.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-73.deploy.static.akamaitechnologies.com
sli.braincandy.net
2    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
pixel.ex.co
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
embed.ex.co
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    3.67.157.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    34.241.100.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-100-149.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
e.dlx.addthis.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
3    50.31.142.255 (Lincolnwood, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    2600:1f18:ed:550a:412e:4f1e:a01:51cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
11    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.spotim.market
sync.adtelligent.com
5    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    3.120.95.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-95-199.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
id.rlcdn.com
5    2600:9000:2491:9a00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
6    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.spotim.market
player.adtelligent.com
5    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
7    34.199.10.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-10-63.compute-1.amazonaws.com
track1.aniview.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
10    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.spotim.market
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.deliveryapis.com
1    23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com
img.ex.co
1    3.224.43.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-43-174.compute-1.amazonaws.com
go1.aniview.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    2a0c:5c81:5149:0:c634:6bff:fefd:5008 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    108.128.210.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
trends.revcontent.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
prebid.deepintent.com
match.deepintent.com
2    213.19.147.43 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    50.31.142.223 (Lincolnwood, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1h.zemanta.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
5    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
spot-im-d.openx.net
3    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
44    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
5    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
16    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    135.125.163.79 (United States)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
4    54.175.105.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-105-5.compute-1.amazonaws.com
sync.aniview.com
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
ads.yahoo.com
7    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2600:1f18:612b:4216:db47:8d93:ff67:39f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-980w2.ads.tremorhub.com
16    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
7    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
4    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    2a05:d018:d29:3601:1c03:949a:3875:f724 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    52.213.154.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-154-120.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    18.213.85.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-85-80.compute-1.amazonaws.com
rtb.adentifi.com
1    52.205.37.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-37-96.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
16    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    54.194.161.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-161-205.eu-west-1.compute.amazonaws.com
d.adroll.com
3    3.121.253.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-253-223.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    135.125.160.160 (United States)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    54.236.193.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-193-228.compute-1.amazonaws.com
nep.advangelists.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    52.20.76.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-76-38.compute-1.amazonaws.com
gw.geoedge.be
1    185.170.61.232 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5291.casalemedia.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
2    54.225.153.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-153-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    34.96.71.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    18.233.196.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-196-70.compute-1.amazonaws.com
um2.eqads.com
3    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    52.86.113.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-113-127.compute-1.amazonaws.com
sync.extend.tv
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    18.132.138.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
track.webgains.com
7    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
1    18.66.147.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-59.fra60.r.cloudfront.net
cdn.track.production.webgains.team
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    18.203.72.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    3.8.108.133 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-108-133.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
87 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
ssum.casalemedia.com — Cisco Umbrella Rank: 1950
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
dsum.casalemedia.com — Cisco Umbrella Rank: 2337
a5291.casalemedia.com — Cisco Umbrella Rank: 659023
64 KB
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
487 KB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
ad.doubleclick.net — Cisco Umbrella Rank: 214
414 KB
26 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
secure.adnxs.com — Cisco Umbrella Rank: 725
acdn.adnxs.com — Cisco Umbrella Rank: 876
84 KB
24 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
26 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 694
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1325
token.rubiconproject.com — Cisco Umbrella Rank: 1115
40 KB
23 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
ajax.googleapis.com — Cisco Umbrella Rank: 480
325 KB
22 braincandy.net
trivia.braincandy.net — Cisco Umbrella Rank: 418062
cloud1.braincandy.net
sli.braincandy.net — Cisco Umbrella Rank: 454048
201 KB
21 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 778
search.spotxchange.com — Cisco Umbrella Rank: 678
19 KB
19 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6406
ghb.adtelligent.com — Cisco Umbrella Rank: 6082
s.adtelligent.com — Cisco Umbrella Rank: 5516
ghb1.adtelligent.com — Cisco Umbrella Rank: 9342
ghb2.adtelligent.com — Cisco Umbrella Rank: 12242
sync.adtelligent.com — Cisco Umbrella Rank: 6001
102 KB
19 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
amplify.outbrain.com — Cisco Umbrella Rank: 3293
tr.outbrain.com — Cisco Umbrella Rank: 2932
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337
odb.outbrain.com — Cisco Umbrella Rank: 1813
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995
mv.outbrain.com — Cisco Umbrella Rank: 2878
168 KB
19 spot.im
recirculation.spot.im — Cisco Umbrella Rank: 40716
recirculation-cf.spot.im — Cisco Umbrella Rank: 31240
launcher.spot.im — Cisco Umbrella Rank: 5483
direct-events-collector.spot.im — Cisco Umbrella Rank: 5182
publisher-assets.spot.im — Cisco Umbrella Rank: 5359
api-2-0.spot.im — Cisco Umbrella Rank: 3811
static-cdn.spot.im — Cisco Umbrella Rank: 4961
172 KB
17 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2410
track1.aniview.com — Cisco Umbrella Rank: 2549
go1.aniview.com — Cisco Umbrella Rank: 5345
sync.aniview.com — Cisco Umbrella Rank: 3125
226 KB
16 ad4m.at
ad4m.at — Cisco Umbrella Rank: 3248
as.ad4m.at — Cisco Umbrella Rank: 25297
assets.ad4m.at — Cisco Umbrella Rank: 32564
467 KB
16 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2867
player.spotim.market — Cisco Umbrella Rank: 8501
ghb.spotim.market — Cisco Umbrella Rank: 10099
172 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
53 KB
13 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
cdn.indexww.com — Cisco Umbrella Rank: 2169
12 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
186 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 3595
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
6 KB
12 ex.co
static.ex.co — Cisco Umbrella Rank: 77051
prd-collector-platform.ex.co — Cisco Umbrella Rank: 137500
pixel.ex.co — Cisco Umbrella Rank: 172067
embed.ex.co — Cisco Umbrella Rank: 130749
img.ex.co — Cisco Umbrella Rank: 314075
334 KB
12 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265
images.outbrainimg.com — Cisco Umbrella Rank: 2497
311 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
4 KB
11 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4607
rp.liadm.com — Cisco Umbrella Rank: 2701
rp4.liadm.com — Cisco Umbrella Rank: 6388
i.liadm.com — Cisco Umbrella Rank: 935
i6.liadm.com — Cisco Umbrella Rank: 2789
18 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 305
218 KB
10 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
396 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 3113
c1.adform.net — Cisco Umbrella Rank: 1015
3 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
955 B
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
1 KB
6 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2173
gw.geoedge.be — Cisco Umbrella Rank: 2693
1 MB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
142 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
18 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
1 KB
5 cloudfront.net
dn0qt3r0xannq.cloudfront.net
93 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 845
b1h.zemanta.com — Cisco Umbrella Rank: 5715
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
160 KB
4 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 6346
58 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21601
api.webgains.io — Cisco Umbrella Rank: 44543
85 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1924
1 KB
3 company-target.com
s.company-target.com — Cisco Umbrella Rank: 6405
1013 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1307
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1468
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 846
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
pixel.quantserve.com — Cisco Umbrella Rank: 691
1 KB
3 openx.net
spot-im-d.openx.net — Cisco Umbrella Rank: 13180
rtb.openx.net — Cisco Umbrella Rank: 2282
1 KB
3 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1316
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
743 B
3 deepintent.com
prebid.deepintent.com — Cisco Umbrella Rank: 11199
match.deepintent.com — Cisco Umbrella Rank: 1399
251 B
3 rlcdn.com
di.rlcdn.com — Cisco Umbrella Rank: 2877
id.rlcdn.com — Cisco Umbrella Rank: 885
api.rlcdn.com — Cisco Umbrella Rank: 1084
397 B
3 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 2012
e.dlx.addthis.com — Cisco Umbrella Rank: 3095
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
388 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 636
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15259
1 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 6166
563 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1128
366 B
2 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 6550
461 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 118730
static-de.ad4mat.net — Cisco Umbrella Rank: 171877
4 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 2124
850 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1268
850 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5726
363 B
2 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2673
201 B
2 deliveryapis.com
p.deliveryapis.com — Cisco Umbrella Rank: 32716
27 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 918
sync.taboola.com — Cisco Umbrella Rank: 1545
466 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6886
749 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
1 KB
2 playbuzz.com
embed.playbuzz.com — Cisco Umbrella Rank: 100044
41 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
120 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2151
342 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 55668
11 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 37685
2 KB
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 64502
518 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
577 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 2906
546 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2188
307 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 4166
233 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2535
112 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2381
408 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2435
637 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2522
567 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2164
35 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1389
358 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1205
757 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3934
187 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
177 B
1 tremorhub.com
p4dt2-980w2.ads.tremorhub.com — Cisco Umbrella Rank: 19530
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 894
704 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
75 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8732
1 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2085
296 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1463
356 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4860
890 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
655 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1802
437 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1612
191 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
646 B
1 triviatoday.com
cdn2.triviatoday.com — Cisco Umbrella Rank: 308845
419 B
622 102
Domain Requested by
41 htlb.casalemedia.com dn0qt3r0xannq.cloudfront.net
player.spotim.market
player.aniview.com
32 tpc.googlesyndication.com trivia.braincandy.net
securepubads.g.doubleclick.net
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
rumcdn.geoedge.be
28 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
20 ib.adnxs.com 4 redirects dn0qt3r0xannq.cloudfront.net
player.spotim.market
player.adtelligent.com
ssum.casalemedia.com
acdn.adnxs.com
ssum-sec.casalemedia.com
20 trivia.braincandy.net 1 redirects trivia.braincandy.net
19 fonts.googleapis.com trivia.braincandy.net
securepubads.g.doubleclick.net
embed.playbuzz.com
client
tpc.googlesyndication.com
googleads.g.doubleclick.net
16 search.spotxchange.com player.aniview.com
16 cm.g.doubleclick.net 2 redirects trivia.braincandy.net
googleads.g.doubleclick.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
16 pagead2.googlesyndication.com trivia.braincandy.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
rumcdn.geoedge.be
15 ssum-sec.casalemedia.com 7 redirects trivia.braincandy.net
js-sec.indexww.com
rumcdn.geoedge.be
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
trivia.braincandy.net
rumcdn.geoedge.be
11 images.outbrainimg.com trivia.braincandy.net
10 gum.criteo.com 5 redirects static.criteo.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 fonts.gstatic.com fonts.googleapis.com
10 connect.facebook.net trivia.braincandy.net
connect.facebook.net
9 sync.spotim.market trivia.braincandy.net
rumcdn.geoedge.be
s.adtelligent.com
8 s.adtelligent.com rumcdn.geoedge.be
7 mug.criteo.com trivia.braincandy.net
7 js-sec.indexww.com dn0qt3r0xannq.cloudfront.net
player.aniview.com
ssum-sec.casalemedia.com
7 s.amazon-adsystem.com 4 redirects trivia.braincandy.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
7 eb2.3lift.com 2 redirects rumcdn.geoedge.be
dn0qt3r0xannq.cloudfront.net
7 track1.aniview.com trivia.braincandy.net
player.aniview.com
7 ups.analytics.yahoo.com 4 redirects player.aniview.com
ssum-sec.casalemedia.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 www.google.com 2 redirects trivia.braincandy.net
googleads.g.doubleclick.net
rumcdn.geoedge.be
tpc.googlesyndication.com
7 bidder.criteo.com dn0qt3r0xannq.cloudfront.net
player.spotim.market
player.adtelligent.com
6 assets.ad4m.at as.ad4m.at
6 ad4m.at ssum-sec.casalemedia.com
as.ad4m.at
ad4m.at
6 cdn.indexww.com ssum-sec.casalemedia.com
6 pixel-sync.sitescout.com trivia.braincandy.net
s.adtelligent.com
player.aniview.com
ssum-sec.casalemedia.com
6 eus.rubiconproject.com rumcdn.geoedge.be
eus.rubiconproject.com
player.aniview.com
6 onetag-sys.com 1 redirects player.spotim.market
rumcdn.geoedge.be
player.adtelligent.com
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
6 i.liadm.com 2 redirects b-code.liadm.com
i.liadm.com
6 mcdp-nydc1.outbrain.com widgets.outbrain.com
6 static-cdn.spot.im launcher.spot.im
trivia.braincandy.net
static-cdn.spot.im
5 c1.adform.net 2 redirects ssum-sec.casalemedia.com
5 static.criteo.net dn0qt3r0xannq.cloudfront.net
static.criteo.net
player.spotim.market
player.adtelligent.com
5 fastlane.rubiconproject.com player.spotim.market
5 player.aniview.com static-cdn.spot.im
player.aniview.com
5 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
trivia.braincandy.net
5 sync.search.spotxchange.com 4 redirects trivia.braincandy.net
5 x.bidswitch.net 4 redirects ssum-sec.casalemedia.com
5 match.adsrvr.org i.liadm.com
trivia.braincandy.net
ssum.casalemedia.com
player.spotim.market
5 static.ex.co embed.playbuzz.com
static.ex.co
5 api-2-0.spot.im launcher.spot.im
static-cdn.spot.im
5 widgets.outbrain.com trivia.braincandy.net
widgets.outbrain.com
5 dn0qt3r0xannq.cloudfront.net trivia.braincandy.net
dn0qt3r0xannq.cloudfront.net
4 as.ad4m.at rumcdn.geoedge.be
as.ad4m.at
ad4m.at
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
4 acdn.adnxs.com dn0qt3r0xannq.cloudfront.net
4 token.rubiconproject.com 4 redirects
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
4 sync.1rx.io 4 redirects
4 ghb.adtelligent.com p.deliveryapis.com
player.spotim.market
4 ghb.spotim.market player.spotim.market
4 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
4 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
rumcdn.geoedge.be
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
rumcdn.geoedge.be
4 tlx.3lift.com dn0qt3r0xannq.cloudfront.net
4 publisher-assets.spot.im launcher.spot.im
trivia.braincandy.net
4 www.googletagservices.com trivia.braincandy.net
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
googleads.g.doubleclick.net
rumcdn.geoedge.be
4 ajax.googleapis.com trivia.braincandy.net
4 netdna.bootstrapcdn.com trivia.braincandy.net
netdna.bootstrapcdn.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 s.company-target.com 3 redirects
3 pm.w55c.net 3 redirects
3 um.simpli.fi 2 redirects ssum-sec.casalemedia.com
3 match.prod.bidr.io ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects trivia.braincandy.net
3 secure-assets.rubiconproject.com 3 redirects
3 www.gstatic.com googleads.g.doubleclick.net
3 player.adtelligent.com player.spotim.market
p.deliveryapis.com
player.adtelligent.com
3 player.spotim.market trivia.braincandy.net
player.spotim.market
3 ads.pubmatic.com static-cdn.spot.im
rumcdn.geoedge.be
player.aniview.com
3 b1sync.zemanta.com 3 redirects
3 prd-collector-platform.ex.co embed.playbuzz.com
trivia.braincandy.net
static.ex.co
3 www.facebook.com trivia.braincandy.net
connect.facebook.net
3 tr.outbrain.com amplify.outbrain.com
trivia.braincandy.net
2 api.webgains.io analytics.webgains.io
2 id5-sync.com player.adtelligent.com
player.spotim.market
2 www.awin1.com 1 redirects as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 bttrack.com ssum-sec.casalemedia.com
2 euexchangesync.digitaleast.mobi 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 ad.turn.com 2 redirects
2 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 adx.adform.net player.adtelligent.com
2 rtb.openx.net trivia.braincandy.net
googleads.g.doubleclick.net
2 sync.adtelligent.com rumcdn.geoedge.be
2 prebid.a-mo.net rumcdn.geoedge.be
2 prebid-eu.creativecdn.com player.spotim.market
player.adtelligent.com
2 targeting.unrulymedia.com player.spotim.market
2 prebid.deepintent.com player.spotim.market
2 trends.revcontent.com player.spotim.market
2 p.deliveryapis.com rumcdn.geoedge.be
p.deliveryapis.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 pool.admedo.com 2 redirects
2 sync.mathtag.com 2 redirects
2 pixel.ex.co static.ex.co
2 embed.playbuzz.com trivia.braincandy.net
embed.playbuzz.com
2 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com trivia.braincandy.net
www.google-analytics.com
2 amplify.outbrain.com trivia.braincandy.net
2 b-code.liadm.com trivia.braincandy.net
b-code.liadm.com
2 code.jquery.com trivia.braincandy.net
1 id.crwdcntrl.net player.spotim.market
1 api.rlcdn.com player.spotim.market
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 sync.targeting.unrulymedia.com 1 redirects
1 s0.2mdn.net 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
1 sync.extend.tv 1 redirects
1 sync.adotmob.com 1 redirects
1 prod-rtb.ad4mat.net rumcdn.geoedge.be
1 a5291.casalemedia.com rumcdn.geoedge.be
1 gw.geoedge.be rumcdn.geoedge.be
1 sync.taboola.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 d.adroll.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync-tm.everesttech.net ssum-sec.casalemedia.com
1 match.deepintent.com ssum.casalemedia.com
1 p4dt2-980w2.ads.tremorhub.com player.aniview.com
1 id.rlcdn.com trivia.braincandy.net
1 px.ads.linkedin.com trivia.braincandy.net
1 ads.yahoo.com trivia.braincandy.net
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 ssbsync.smartadserver.com player.aniview.com
1 ssum.casalemedia.com player.aniview.com
1 rtb.adxpremium.services player.adtelligent.com
1 ag.innovid.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 e.dlx.addthis.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 spot-im-d.openx.net player.spotim.market
1 ghb2.adtelligent.com player.spotim.market
1 b1h.zemanta.com player.spotim.market
1 ghb1.adtelligent.com player.spotim.market
1 hbopenbid.pubmatic.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 ap.lijit.com player.spotim.market
1 prebid.media.net player.spotim.market
1 go1.aniview.com player.aniview.com
1 img.ex.co trivia.braincandy.net
1 image6.pubmatic.com ads.pubmatic.com
1 di.rlcdn.com trivia.braincandy.net
1 pixel.advertising.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i6.liadm.com i.liadm.com
1 trc.taboola.com i.liadm.com
1 embed.ex.co static.ex.co
1 sli.braincandy.net trivia.braincandy.net
1 mv.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 rp4.liadm.com trivia.braincandy.net
1 rp.liadm.com 1 redirects
1 direct-events-collector.spot.im launcher.spot.im
1 widget-pixels.outbrain.com trivia.braincandy.net
1 tcheck.outbrainimg.com widgets.outbrain.com
1 cdn2.triviatoday.com ajax.googleapis.com
1 cloud1.braincandy.net trivia.braincandy.net
1 launcher.spot.im trivia.braincandy.net
1 recirculation-cf.spot.im trivia.braincandy.net
1 recirculation.spot.im 1 redirects
622 182

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.outbrain.com
Subject Issuer Validity Valid
*.braincandy.net
Go Daddy Secure Certificate Authority - G2		 2021-10-20 -
2022-10-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-21 -
2022-09-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.spot.im
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.triviatoday.com
Go Daddy Secure Certificate Authority - G2		 2021-10-20 -
2022-10-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.playbuzz.com
Go Daddy Secure Certificate Authority - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
cdn.ex.co
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sli.triviatoday.com
R3		 2022-07-14 -
2022-10-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
player.spotim.market
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-08-23 -
2022-11-21		 3 months crt.sh
p.deliveryapis.com
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
player.adtelligent.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
revcontent.com
Amazon		 2022-07-25 -
2023-08-23		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-08 -
2022-11-06		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-08 -
2022-11-06		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-08-16 -
2022-11-14		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh

This page contains 88 frames:

Primary Page: https://trivia.braincandy.net/?038e28c5-news-template-
Frame ID: F98833B0455D26784979086B3B584C2F
Requests: 203 HTTP requests in this frame

Frame: https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Frame ID: 0D1BC92C9EC40931B731F2E5D9356F5F
Requests: 5 HTTP requests in this frame

Frame: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Frame ID: 62F0DEC32A90655EF179474734DF0F48
Requests: 14 HTTP requests in this frame

Frame: https://trivia.braincandy.net/playNew.asp?id=cfd78290-d421-43a7-aec7-71b7bed277bf&ia=nancyg15/038e28c5-news-template-&m=&c=3E038D
Frame ID: B4E33769294CBE0942E9D15DDB1F5E0F
Requests: 6 HTTP requests in this frame

Frame: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3D9BC45547FC5B767542B143AD2CEE0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042208242209000/amp4ads-v0.mjs
Frame ID: 35931A33D78A41474201B120602D5136
Requests: 18 HTTP requests in this frame

Frame: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E6A4E90C32081EAF965C4AE04533DFE
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: CE59EAD3D24C46EE6D26B48C495BFD65
Requests: 14 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 0E6A7B9DFD35AD5CC62AE9B458C39050
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap
Frame ID: 2711EAC4684BAE0AC272B84507CB0A42
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Frame ID: 08F7966E673431DB92F5A19BF4B9F39B
Requests: 10 HTTP requests in this frame

Frame: https://embed.ex.co/xdomain_cookie.html
Frame ID: D84CE21F88FB6A3A66476ECDD5C602EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: 3C17C53131662A20760330D607EC05A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55FF3A1F921E874230A6D876E0DA8449
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3297660157133908&output=html&adk=1812271804&adf=3025194257&lmt=1662990014&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662990013790&bpp=3&bdt=2817&idt=391&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d0883c8da504b63%3AT%3D1662990013%3AS%3DALNI_MYauG8SBQZK7XF-iasRH-ABOYPUoQ&nras=1&correlator=375042111743&frm=20&pv=2&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C31069438&oid=2&pvsid=3974309788351676&tmod=1473229242&uas=0&nvt=1&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=407
Frame ID: 200F92B82082047572E814BC6C5FA5DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 3E22697ABAE7B1EC03FB2C0EAA9D1581
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 665467F437E4E20D1D037F6E15F25993
Requests: 60 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: D22A08E40F1FD3775F0A544785656E67
Requests: 4 HTTP requests in this frame

Frame: https://p.deliveryapis.com/prebidlink/19247/j.html?i=11597
Frame ID: 858F4B38834BBB852594B1A718DACB2B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Frame ID: DE3AE0FF21D430D4F6447E049FFC3B7D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0BC2AA6C1BBE2BB4C9206524E4C21F7F
Requests: 8 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=752915
Frame ID: 3995DBD477CC8EF3B4BB27BA53978B17
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744459
Frame ID: E4339746FD74D3A071102BB48A0667C5
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=735207
Frame ID: 38423D7D0715D70857045E5E7D398717
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=736291
Frame ID: 4720D673860CBB4ECF3E304BDF46E5F8
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=730717
Frame ID: C8D9B9F577FA01A9FB42EC81E1A6E16C
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744458
Frame ID: A37F6A6851A4B694C823D035A74A3981
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=744445
Frame ID: D5FEA7C16FE392673CA9E5BB9C41A5E4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=654586
Frame ID: 77FE6EB6A0025D492E03050D85DBFF6F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8CA99B84E4D6366658EF3E290B870ED8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15358EC2AE59A48268F47B4B7BF750B2
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 6025A5C4CF3AAAADE439F58E07B2F524
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 42C30713013DD08FAE4073F8BF28F20A
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
Frame ID: 1DBC8C3A732BBE1A3DD4BD17E120C035
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Frame ID: 064C82D1C21825C7D7270811959D7E86
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: C49B92AC60BF46E6D3277A2AE05B9E35
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 257D311DB095C03615193B56A3B6F54A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: A7C839F0AE69F5CD38191E16C3DA1B9F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5NDJstcArpS1lMZxgAA%261132
Frame ID: E8C3F3F8E9E7F3F08F89D22D953DF5B6
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
Frame ID: 6F54B4B26E5335B7599A7F69360498CF
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Frame ID: D73A3143670986D8068CF93427CE2D2D
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: E2D4D35BCEB5119CA3427724DDCF72A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
Frame ID: 429243DF184730D8DD04EE772D14AE43
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 0E53BAC17727655FC824F536E74CDB50
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Frame ID: 37F1949FA1A650324A27A634995A05B2
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=2&key=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Frame ID: A206B876C09407485CF48EA26404FB5A
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Frame ID: 40F1663EC1A5687451580EC762691BF2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=55&key=1191377105773987456
Frame ID: 22883E8A171867CF08AE38A494BBF441
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D1%26key%3D
Frame ID: F29728C31999017AFBA9286F7C217283
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 4D8BAF723EB71FEFB9E598F1C692EA8D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: B9EB20FF6D02DED3749DDDE91ED63F1D
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=200&key=OPTOUT
Frame ID: 4884B1971509BE720E2C0579DD19DA77
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: 3CF755D8B5D52AA2DE548301A563F3D0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FC732FEAC4794D67EC1A05724862D6C9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 070A64C2ED6712C5AD072AC0C9D1D08B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C40E21C4CFF0C528CF11EBA75506FC71
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F40D5D11B99DFA094AD39AD8BE1F8CF2
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AF9768CD04FAA979B2DFE15527F4F025
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8D9D1D5E29883A4BE197CC0CCBA8F89E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 834E0C62FEB3760F0B4CB3071EEF41E1
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5469FB0B2122C92C848B24F2F89611DC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9443B8C35E5BD17B32A0F46AF718C73C
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C7DEF059ADD305B87B514D0EDA3EA9CA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CB83473189DFE1594B12FFC0A2E4B890
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4AE1E8491E0F3F1F059F67373B689833
Requests: 1 HTTP requests in this frame

Frame: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 990477DB19FE96E1A9B8275F8107C9CB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3E84E13DDF2A3A8EA31602D36B954090
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BD7B2970C89D9DB4794EAF2EFF867CFB
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DA6A57627086FC0261212566AE653F17
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F010E3B4CC5F6C16D4132FD90BC99AB6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BC24DCEA90A4A03CEE30AB770C2AF4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9F48EA417D33DDEA85842C5B941D870
Requests: 2 HTTP requests in this frame

Frame: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 68118B3351EA7AAF8C5A05138FDF4FDB
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EE8861500983A5CB2D427D6851B4CEE9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 29E110188B83B32205A2992D091D81E1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 67C4C433477E8703EBCA7C0D445AAABD
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B0AA7F4A93859CF46E9F389AB1B30568
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
Frame ID: B1757FC3F9344428FC1E94C739A207D9
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: AED3465FAB81AFE7011C7DF11E5789C9
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA8FD5A3BCDDF6332F896E68A0F975BD
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 58C762794B5699C3B5EAF237C78FEE9D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Frame ID: 14DE507D6D4DB3011B40E7372EB483FA
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 37EAEF67131A9A40E836919CF2D12334
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Frame ID: 7C32D10765C78718C04025923605148E
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Frame ID: CEF1E0DBE7B11578A9E2124B7AF5EF42
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Frame ID: 2E40BC9302FCF6E996D8C3DC38A4C78E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D5A2F7AAE737A87C89FD222D1E5DFA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EB79316B47726F686714BD9B800BF5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Brain Candy

Page URL History Show full URLs

  1. http://trivia.braincandy.net/ HTTP 301
    https://trivia.braincandy.net/ Page URL
  2. https://trivia.braincandy.net/?038e28c5-news-template- Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

622
Requests

89 %
HTTPS

28 %
IPv6

102
Domains

182
Subdomains

136
IPs

12
Countries

6371 kB
Transfer

16815 kB
Size

107
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trivia.braincandy.net/ HTTP 301
    https://trivia.braincandy.net/ Page URL
  2. https://trivia.braincandy.net/?038e28c5-news-template- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://trivia.braincandy.net/ HTTP 301
  • https://trivia.braincandy.net/
Request Chain 27
  • https://recirculation.spot.im/spot/sp_HQI9uHrd HTTP 302
  • https://recirculation-cf.spot.im/empty.html
Request Chain 66
  • https://rp.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bundle&refr=https%3A%2F%2Ftrivia.braincandy.net%2F&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT48aDE-NzY8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bundle&refr=https%3A%2F%2Ftrivia.braincandy.net%2F&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT48aDE-NzY8L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true
Request Chain 186
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&864e37a3-6fe1-43b7-b25b-cffb3a9e4f25 HTTP 302
  • https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=7156&muid=e87a631f-36be-4f00-850a-dc03c98b21c5
Request Chain 188
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=0affba2d-acc5-4bae-b59c-7cce70a173a1 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=0affba2d-acc5-4bae-b59c-7cce70a173a1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d54074aa-82e6-4dad-b5e3-2a98cedd8acd&user_group=1&ssp=liveintent&bsw_param=0affba2d-acc5-4bae-b59c-7cce70a173a1 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1
Request Chain 189
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=82775&muid=72381674148779969430150512367849694544
Request Chain 190
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&rd=Y
Request Chain 192
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 219
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Request Chain 225
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6e677123-32a0-11ed-ad81-1f6fc1870506
Request Chain 226
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-eRJS4LdE2uFJaQcZAz.sSqbFbaTDWC5K~A
Request Chain 227
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6e675496-32a0-11ed-9ad9-10d4c6b20206 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 319
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5NDJstcArpS1lMZxgAA%261132
Request Chain 324
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
Request Chain 325
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/58558/occ HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
Request Chain 328
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 329
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1662990015540 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3264305471
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/58558/occ HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
Request Chain 338
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AUfZMNHliRHcXSO_5KzGxHLvS2Ure3e10D7Dm2l5Ahk6Qzgj6kxxEwMoLvxQ0gN72jTlxb_gyKo4xrcdSikizijRPfoauQ&google_gid=CAESEJtoQMQ7ZKn3dJh1P2EibR0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTIxMzQwMTQwMDAxMDUxMjkyMzMyOA%3D%3D&google_push=AehlK4AUfZMNHliRHcXSO_5KzGxHLvS2Ure3e10D7Dm2l5Ahk6Qzgj6kxxEwMoLvxQ0gN72jTlxb_gyKo4xrcdSikizijRPfoauQ
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqqMziPgsTmJchfipWdEzs&google_cver=1&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32odjGkFNAsxlTBJWAqwB-Z2BV_C5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlgtUS1UQ1I=&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32odjGkFNAsxlTBJWAqwB-Z2BV_C5
Request Chain 342
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_cver=1&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp0BzfiLU7OXMadXLellUvNG_TMf9YZkYWkguggpgLzH-H8RkfcbUMX6KGsKytb7Y HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp0BzfiLU7OXMadXLellUvNG_TMf9YZkYWkguggpgLzH-H8RkfcbUMX6KGsKytb7Y&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&google_nid=index&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp0BzfiLU7OXMadXLellUvNG_TMf9YZkYWkguggpgLzH-H8RkfcbUMX6KGsKytb7Y
Request Chain 345
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 360
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=2&key=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Request Chain 362
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=55&key=1191377105773987456
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 366
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=200&key=OPTOUT
Request Chain 374
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjBiN2Q3OTMxYjg5YzcwOTliNzg2YjBlOGQ2NGQ1NWVjMmQ2MDg2MA
Request Chain 375
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9JWXd4-vSkKIFIiy8tE5Mw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9JWXd4-vSkKIFIiy8tE5Mw
Request Chain 376
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7YTBGBZ-M-KEIH&sigv=1&esig=2~0263cdeb1f38d8ae6510e196bcfe6ae82f55db6c
Request Chain 377
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WTW9uipgQTqWLWIy7Q0wmw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTW9uipgQTqWLWIy7Q0wmw
Request Chain 378
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7YTBGBZ-M-KEIH
Request Chain 380
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlotTS1LRUlI
Request Chain 399
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Request Chain 400
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx82v5ge6IqyhHPwa4qmSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMiNBVSTiAJoBYDxjOR3Vgo&google_cver=1&gdpr=1
Request Chain 404
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e87a631f-36be-4f00-850a-dc03c98b21c5&gdpr=1&gdpr_consent=
Request Chain 451
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3036409443098168304
Request Chain 454
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663076416&gdpr=1
Request Chain 455
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 456
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196423217607265
Request Chain 461
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
Request Chain 462
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2032ee11-ad24-4b35-83de-49d034da406f&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 464
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3108467037136096240
Request Chain 470
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
Request Chain 473
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dfc364dd-7eae-4624-8c0c-fa874c3378d3&expiration=1694526016
Request Chain 475
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692401733433
Request Chain 478
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 480
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 481
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Request Chain 482
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 483
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13ce7289-7330-4681-8d48-8418dde65352
Request Chain 514
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=c0vclX78RgZhg5_QdxcvZlD_B2o
Request Chain 515
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d991e3be-3945-40b7-bfc9-5549a4ca01ef
Request Chain 517
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=1b1bebb5-2445-455d-b551-f28ae5396a8d
Request Chain 518
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Request Chain 519
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Request Chain 522
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2LzLJv21QixZtEcWmuVcO1D_B2o
Request Chain 523
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=853a841c-4ce6-410f-a6a5-1f2d2a44cada
Request Chain 524
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=86bfd824-c6db-46af-882d-ecfef7071ee8
Request Chain 527
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 531
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 537
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162764171194441788&uid=Q7162764171194441788&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 538
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 539
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b4115738-598f-4a51-8b9f-013d60b6ac60
Request Chain 542
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=3f34970c-22ed-461d-8a35-fd0f6e8250ff
Request Chain 545
  • https://um.simpli.fi/gp_match?google_gid=CAESEAEgm0gdkftBfwy742BHFOE&google_cver=1&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-SxbWWmqvvT3wO- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B200686F9F8B4C0988AD06A195C41F09&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-SxbWWmqvvT3wO-
Request Chain 546
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFGnsys_jRp9sIHZpNMCtzs&google_cver=1&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNmrI4QC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNmrI4QC&google_hm=MzcxMDc1NDE3Mjg2NTQxNjY0Nw%3D%3D
Request Chain 548
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGPRYVmPRqK53yaeJALK25E&google_cver=1&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG3Q90pd8_jnzYe9dTKgo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGPRYVmPRqK53yaeJALK25E&google_cver=1&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG3Q90pd8_jnzYe9dTKgo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk3MTEzODg0MTQ2MDM0MTEzNQ&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG3Q90pd8_jnzYe9dTKgo
Request Chain 549
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMyGqirgawq7ET-RVvykTWw&google_cver=1&google_push=AehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fcdd223b-098a-43f3-a065-8b6c1eea7a11-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE%26google_hm%3DA_zdIjsJikPzoGWLbB7qehE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE&google_hm=A_zdIjsJikPzoGWLbB7qehE
Request Chain 550
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJJ8t0YxqPmW5woa6DvUu-4&google_cver=1&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM&google_gid=CAESEJJ8t0YxqPmW5woa6DvUu-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMDg5ODE5OTE5NDEzODIzOTg1MA%3D%3D&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM
Request Chain 551
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJP8W4zX5qUpNiM-bCE9wQA&google_cver=1&google_push=AehlK4C4jzALxGLP9Nr-1ckCBvtLPFeXau_ghFwQx4-WbU1iy76zq0NrOePJ8lm2VqZAceFZx5Q28xEmauu2apc6KdHZYK6M8e2s_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4C4jzALxGLP9Nr-1ckCBvtLPFeXau_ghFwQx4-WbU1iy76zq0NrOePJ8lm2VqZAceFZx5Q28xEmauu2apc6KdHZYK6M8e2s_w HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 563
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CM_Otcqwj_oCFV-T_Qcd2AoKVw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1662990018_70b63960-32a0-11ed-a5a1-2235383f8385
Request Chain 571
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.deliveryapis.com&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=V323pXxsMDEzVVFlS1MweG1JaFpYZmlLditidXBIUFlpUHBXWHB6RkwwSUxRV0lWcWRJL2ljek8ySy9oSjI3dzc0Szl3VTdielR5dzVJWGpQZTRUanJ4OEI0bW4wbWJkZlNCaEVqSzdYRVk1bnUvenRVMnpLcGZMVXZVVlZjeTVnZHdSWW4zTmV0UzU1UU9yUlpRQ2k2MkZ5T1Q4czJwbzducU1QeStBZ0lyUVB6NGVMYnZEWTBUMW0vakdhT0lZZDFUazFHZGRRNUNSU0J3dFFob2Rac1dEdzdkRDc5OTZocm93SGh6UnJKc21GQlpEU2R2NTh6dVRtdG5IMnBjRVJjbGRObEVkamd6KyswSUV3Rll2cm5HbTZhaGVNeDVsTGZ4amRuUXY1NFlST3luWT18&cppv=2
Request Chain 575
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.deliveryapis.com%2F&domain=p.deliveryapis.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=VDQHUXxpaEJ4MDBSQ2RhQWRpNjZBZVFoUERKNHo4QzQ0SXllWmQ0VkxoaUVUVEpiK000SWFhYmtGdEVZbEh1Wm9MZi8zSzJuY2ZpRkcwWlBiUmhQL0JoaWR2TnRvTzFvYkt3R0djd1hvdWJYZUozV0dSOHJBVXUyT05rb2hDYUwrRU8vc1VKU0lqZUwySG5yMU1BdTNVaGJTRHExN256WEloQjBhQzJkZWJ1N1BIbnVacTlvQTVzZ01SSys4cVNGeXhkdUEwRUpCODluU0lXazd5QXFRTUlJUHEzRHp6MS9NOTZFbUVVZEhMUXdBdXVVZDRtbnlncDRzSFZvaGtYY3Y1d0I0L1phSXRNOHphWU4rbE5LOWhIa1lJQmVhZ00xUlBLOXgycEszOVl0cWgzOD18&cppv=2
Request Chain 578
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftrivia.braincandy.net%2F&domain=trivia.braincandy.net&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qaa8N3x2Y2wvZERlNk4xbEhQYnlUWTlzTThNQUMvdmxWY045M3ZXUXcvTjMySWpqbXpkMXlJVkwwV3ROY2VsT2poS2s0Tm1RTFBqdUpJTVBnTUUycDc2eWdKazE0bUtUalFZSkJtYnZoS1h1MVNlNU1xUEhiMGlPZGlCY1dDQ3J2a2dPUm50bTN0dHo4RzZvaUxtaWFLbHJwN0dlSXlpL0sxQ1lQcjVHdVgxNjN0dE1nNlY4NDdoT1pjZGVuK3JIaVpTakNZMzRtck1pRXIzaFZzUXNFUUF3ZjAxVlpuTWNQUllOazJvY3NEdmNybWtrcnM5UEpxZDRWKzhwdnArUnhOQUlYSXJOK25FUHhvQXFkandRaEtPOE1NMkVQRUhab1JmL1dRMkl5eFBSK1dtVT18&cppv=2
Request Chain 605
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=braincandy.net&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Y0uMKnwzeU9CQjduRU5YbzQ1ZER5UTJOU2dMNTFWVHN2NjBlL1JWeTRhZHF5bExyNkJTcU1wcEN3ckNvMythdys0RGVmMXRzU1c1WXNKTDY5Y2NpbWhjQWd1dFlWVFdrOHYxUXRxdVMxakZnTmI0T0IvSC9taU5ScEJRVi9JUEF2cFVsOTkwUkFKdUZZaXdPT2s3MXAwM3QxUy92VmFtaUp0b0tOd2IzUmRpWitqMkttY3RhenNhYXAwV1lXb2JKajAxUVZocVk1OFVPdnBOaWxLYW8xZWdNUnFBM0RYNUluRm5MQmNHRFI4Q1pTKzRYV3RqZitFTXFjWVQ3WTlnL3BzSTl0QkFYL201RDRJczU4TzNvNk54aEU4QT09fA&cppv=2
Request Chain 606
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=braincandy.net&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7I8BXnwySER6eFlvWEx5MGQ1bnNQcmN2Z29PUW9TV1JIQXJicWFkMHdpQmJTc2F5bDJFYTZET29SMUFMNGpwWW1Ibi9yQ1pRa0U2OGlqUnhyOGZ0Ui93VkxQWEc0RSthbVlmMlpGd1BHekpReWpHSmNnUzExSDFhVFFjcG0xd24rNEdqMHhCeW9HY1RNUzgwRlV3SHlUVkRiY3dXc2gxa3ZlbWRyM1drRGY4SUNpVFo0blBJOWNpb3FQR2JFbHdHQm52RngrWkNIWmdneXBEVjR5ZjFzZTJXS0xUZmM3dUliYUFwQVd4Q3I5SjdoQVZ6c0UxZTZ5NTY3VWpKaWU3S212TnhzR0JTejZGbzBwOUFMd0VFWG4xdC9qUT09fA&cppv=2

622 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
trivia.braincandy.net/
Redirect Chain
  • http://trivia.braincandy.net/
  • https://trivia.braincandy.net/
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e05f4ab5c82e9399056e647d165e39e5e95a0221a3f2611567f1c51136831ee1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
1210
content-type
text/html
date
Mon, 12 Sep 2022 13:40:10 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

Content-Length
153
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:09 GMT
Location
https://trivia.braincandy.net/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
checkfb.js
trivia.braincandy.net/js/ 		988 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/checkfb.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa16713bea8bbae770dd8c26feaeea266536c4e8f25923e4d869ced50054c377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Thu, 27 Aug 2020 05:02:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"803ac7452f7cd61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
622
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/js/checkfb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MFFFpTUqeue8upMafwn9CQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
cHcF9lwK5GUX/1ejkCwsg19oW/OKmJOzXJrK2Z7I4IuNC5j5Jr6QHkpp7Xss+qG4MoiZQ9mwcj8ApvawDxAhbg==
x-fb-trip-id
917726464
x-fb-content-md5
92f6b99c734c59db471efb058a6c0d2b
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d462242123a088e0c314c90e53eed75a"
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:48:17 GMT
Primary Request /
trivia.braincandy.net/ 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0437e047ca262384c6e55620068fc84ec7f6ca82110379f9f3e7843b3847543d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://trivia.braincandy.net
Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
10664
content-type
text/html
date
Mon, 12 Sep 2022 13:40:10 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
all.js
connect.facebook.net/en_US/ 		0
0
checkfb.js
trivia.braincandy.net/js/ 		988 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/checkfb.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa16713bea8bbae770dd8c26feaeea266536c4e8f25923e4d869ced50054c377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Thu, 27 Aug 2020 05:02:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"803ac7452f7cd61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
622
css
fonts.googleapis.com/ 		973 B
914 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b540c14143da2c8c40e67b767c9821a8900fee46616a37bd89f18ea9b60e8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 12:08:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		368 B
372 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Days+One
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14fdacc4d72204078f2a729fce24e7ed33f8b428b15f057914b8dc33eb165003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:14:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		697 B
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d72315407e441febbb774ffad89110d740f811d989925c581d97be77546783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:29:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		2 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09a7dee77d90a4b39ac83749fec79d85580ed38cd2f587da8d754344e2814483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		3 KB
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cuprum:700,400
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57ad0f4ae4e278ad7a23f15ef3d0a12c7c38bfb782b00dfe69b34989a990ba76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		702 B
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:01:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
css
fonts.googleapis.com/ 		395 B
386 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 12:36:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:11 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
16337464
cdn-cachedat
2021-08-03 04:14:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6358afe6e12aefed963ad27f3935d6d1
cf-ray
74990db13a0c9134-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
braincandy1-wide.css
trivia.braincandy.net/css/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/css/braincandy1-wide.css?1040
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7856b9607da17737058aaeae43fff34056d8609a2d05ce8a9b9bc327fdd64adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 17:52:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80cb662bcde1d51:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6021
rrssb.css
trivia.braincandy.net/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/css/rrssb.css?x10
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ae714a96a90cb96d9571e73e9b0b7a5ef1fc835930c0c5aca5eeadff150097ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:11:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"07ae755cf83d51:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1539
signin.css
trivia.braincandy.net/css/ 		5 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/css/signin.css?1040
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6860711cd1d404b5deadc7c56fa8d4fc1f268100f02b049df785758209f98daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:11:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"07ae755cf83d51:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
907
jquery-ui.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-898c"
vary
Accept-Encoding
x-hw
1662990011.dop053.fr8.t,1662990011.cds103.fr8.hn,1662990011.cds006.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8056
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:05:46 GMT
x-content-type-options
nosniff
age
9265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 11:05:46 GMT
jquery-ui.js
code.jquery.com/ui/1.11.4/ 		460 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-72e44"
vary
Accept-Encoding
x-hw
1662990011.dop053.fr8.t,1662990011.cds103.fr8.hn,1662990011.cds125.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
114093
checkeu.js
trivia.braincandy.net/js/ 		363 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/checkeu.js?10
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c12f7a57e5d868832ea4fd936bccb4bf911b0c3fafb75e4179805ccbd2a7593c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:12:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cc25c18dcf83d51:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
339
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81e46ec29f04dd5f649c435a146e58114059537a62790af29f621096026671a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28708
x-xss-protection
0
server
sffe
etag
"1331 / 260 of 1000 / last-modified: 1662980796"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 13:40:11 GMT
prebid-load.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44d964dbdd7441d109c2b76c9533394b5c67dc5ab4b8a59b2fd4913b13f14da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
gTVRVa11RAL5daXSUK0qzHx8dRautXBM
content-encoding
br
last-modified
Sun, 11 Sep 2022 23:03:40 GMT
server
AmazonS3
age
765
etag
W/"c49958033f33c89377349576e03b034b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 12 Sep 2022 13:32:46 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
pX5Gav6DkUfFo_CqVaxd0lrvRgr_gYKYMtEusQxV_aajty3uKP7EbA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d85c50abc681bdebd98eab3bbb32355918b6df277fd41f5f3a7cb495cbd0364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57406
x-xss-protection
0
server
cafe
etag
3268971140470126419
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:40:13 GMT
a-01lm.min.js
b-code.liadm.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01lm.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b6713646122b93a69a743cf9816f977943d2e2d3d4010c27e3174a64008aab1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 08:55:22 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
age
17089
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P2
content-encoding
gzip
x-amz-cf-id
fMsk8PMtT6q2zowa0bsEAB_ABx7RRm4OXpJmcBUkX-zZH7vgWBCyNA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8af74365f3272e5184cdcbfa45f9752961e1a3204f947c7f9b18f065499e7758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kw5wVVO1zr8byquf+XnzFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
9Z/bBA4g+c5jbc18TGxacG+6E4tFhv6j7EENwaDd+Tb7SKpsC4An7IXGAB83RpRlONXtEGNX4KXKnmK8i2nxrQ==
x-fb-content-md5
53a0d4ea5284454feccf35cb84c99af6
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9b63bcf5aad37bddb37950ad9242617a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 12 Sep 2022 13:44:30 GMT
bcLogo2.png
trivia.braincandy.net/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trivia.braincandy.net/images/bcLogo2.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25bfc4c32a75641ce91bc561de2f56bbf7ad94b0daf238e23473f47ec8540826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Wed, 16 Oct 2019 03:12:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ef368dcf83d51:0"
content-type
image/png
accept-ranges
bytes
content-length
98932
ratio.png
trivia.braincandy.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trivia.braincandy.net/ratio.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
43a56f7425c0c4274da9f324fbf4b81d0fcc5943d83c4d7d964aa055655786cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Wed, 16 Oct 2019 03:10:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c283534acf83d51:0"
content-type
image/png
accept-ranges
bytes
content-length
3618
empty.html
recirculation-cf.spot.im/
Redirect Chain
  • https://recirculation.spot.im/spot/sp_HQI9uHrd
  • https://recirculation-cf.spot.im/empty.html
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://recirculation-cf.spot.im/empty.html
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
108.138.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-126.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Sep 2022 13:40:12 GMT
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P6
cloudfront-functions
generated-by-CloudFront-Functions
x-cache
FunctionGeneratedResponse from cloudfront
location
https://recirculation-cf.spot.im/empty.html
content-length
0
x-amz-cf-id
wQvdMkr2uvE1tbIXtwIdcg4sXpMlEud_t3Blp5wD2pYew2NJ8s6A0A==
sp_HQI9uHrd
launcher.spot.im/spot/ 		286 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_HQI9uHrd
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6202197a142b51fe27e61415df4301c0d93830864b2c2c55326d41232facce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
vD1tIrp29kqQmvEXzkjyW1umFzpbBhMB
content-encoding
br
etag
"c636827a6fdc6992abe96bf038bbc5ad"
age
256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
68895
last-modified
Mon, 12 Sep 2022 11:58:15 GMT
server
AmazonS3
date
Mon, 12 Sep 2022 13:36:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
r3vdq3V3XPu8x96fdHqz8JsPiqbiAM9x_CP_nh-1DHJ3WCozaqnJxw==
albert-signup3.png
trivia.braincandy.net/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trivia.braincandy.net/images/albert-signup3.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3910c68ffb5d3d3232bb2af0230b347ade3c3cc18cda7e12326fd93e3e8dcde8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Wed, 16 Oct 2019 03:12:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"31dd6f8dcf83d51:0"
content-type
image/png
accept-ranges
bytes
content-length
57078
outbrain.js
widgets.outbrain.com/ 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbe847d591e7356d9c105010dfa654d7a4b9651fc37bf6bbfa7a93cb49b60c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 11:46:38 GMT
etag
"16-Bz/npoQowaLO01JgEZei7+eZpHY"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
55ea7afc0e7e45663c071cee6f363abc
timing-allow-origin
*, *
content-length
72761
rrssb.min.js
trivia.braincandy.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/rrssb.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51c400482c1bc05ee87f4c011ef47ee7333b26680c582d6229368792f03d6376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:12:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8026568dcf83d51:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1925
jquery.easing.1.3.js
trivia.braincandy.net/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/jquery.easing.1.3.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48a68501dc91b163ceee7d21567464e6a60a7b645799b4b4f35284af7cfb7155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:11 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:12:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8026568dcf83d51:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1698
BC.js
trivia.braincandy.net/js/ 		3 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/js/BC.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f1f89da2c6664a007a0154ef5754307dc935d4d41027b42de9fe8372eff52f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/?038e28c5-news-template-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:12:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8026568dcf83d51:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
859
bouncearrow.gif
cloud1.braincandy.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud1.braincandy.net/images/bouncearrow.gif
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.36 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.36.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22200c292060dcd6dbba8ba1ca1f2546a32968b01a02410fc1c5545b7a25a1ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
last-modified
Wed, 16 Oct 2019 03:12:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a79fb8ccf83d51:0"
content-type
image/gif
accept-ranges
bytes
content-length
3963
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/js/checkfb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
409663c72651a721fdd24d5b2be998d26b40474b8ae3a2f937495f73fd8abeac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MFFFpTUqeue8upMafwn9CQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
cHcF9lwK5GUX/1ejkCwsg19oW/OKmJOzXJrK2Z7I4IuNC5j5Jr6QHkpp7Xss+qG4MoiZQ9mwcj8ApvawDxAhbg==
x-fb-content-md5
92f6b99c734c59db471efb058a6c0d2b
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d462242123a088e0c314c90e53eed75a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 12 Sep 2022 13:48:17 GMT
80.255.7.106
cdn2.triviatoday.com/geoIP/api/ipinfo/ 		79 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn2.triviatoday.com/geoIP/api/ipinfo/80.255.7.106
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
67.229.238.34 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.34.STATIC.KRYPT.COM
Software
Kestrel /
Resource Hash
3c1087b4830128473386303a048e0353e5bb541a7e3f15ad246fa10362a08f20

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 13:40:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Kestrel
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
mjYM4XUasImxh6ADchyT3oIThwJGa3CYGiHX4qHKedI7ANy1Bx7C2nxIuC5khtJwxMirn9kcgupy+4J8HJBOig==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Mon, 12 Sep 2022 14:00:12 GMT
sendEmail.asp
trivia.braincandy.net/ Frame 0D1B 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2530553fb7c0ab7de8d90007bfbf254a3bafeecef1184f32b2efc73f00ca862e

Request headers

Referer
https://trivia.braincandy.net/?038e28c5-news-template-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
3311
content-type
text/html
date
Mon, 12 Sep 2022 13:40:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
signupx.asp
trivia.braincandy.net/ Frame 62F0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bde0739533db7cabc60dab10898157099b7ad27d7858f6dea1a39dda7017d60

Request headers

Referer
https://trivia.braincandy.net/?038e28c5-news-template-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
4551
content-type
text/html
date
Mon, 12 Sep 2022 13:40:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
header-bg11.png
trivia.braincandy.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trivia.braincandy.net/images/header-bg11.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/css/braincandy1-wide.css?1040
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94a06f5d67261e40bcc0bbc986b220c4cb4e94670daba28134dffb693a2d2d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/css/braincandy1-wide.css?1040
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Wed, 16 Oct 2019 03:12:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a27c4b8bcf83d51:0"
content-type
image/png
accept-ranges
bytes
content-length
2059
z7NOdRfiaC4Vd8hhoPzfb5vBTP1v7ZumR_g.woff2
fonts.gstatic.com/s/jura/v24/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP1v7ZumR_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jura:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7d652dfec62ad3d633e84e42d02d82fe477378939481176ebc86dda527f8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:04:23 GMT
x-content-type-options
nosniff
age
596149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12352
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:14:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:04:23 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 20:52:27 GMT
x-content-type-options
nosniff
age
406065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 20:52:27 GMT
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
176480
cdn-proxyver
1.02
cdn-cachedat
08/20/2022 02:30:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44432
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"3293616ec0c605c7c2db25829a0a509e"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
438bd41e6aa486c8a5e8efbb8a98bd61
accept-ranges
bytes
cf-ray
74990db9491cbb77-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
playNew.asp
trivia.braincandy.net/ Frame B4E3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/playNew.asp?id=cfd78290-d421-43a7-aec7-71b7bed277bf&ia=nancyg15/038e28c5-news-template-&m=&c=3E038D
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5daf28f99af0af761541729c8b12b5232b61f9f78d4cf6cae0b7a282dc9b5107

Request headers

Referer
https://trivia.braincandy.net/?038e28c5-news-template-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
1020
content-type
text/html
date
Mon, 12 Sep 2022 13:40:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2292
date
Mon, 12 Sep 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 12 Sep 2022 15:02:00 GMT
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Permanent+Marker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 00:21:01 GMT
x-content-type-options
nosniff
age
479951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29564
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 17:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 00:21:01 GMT
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b8ab6cb3d5d26d5b3668a85d6c737c73
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
afbc0bb68808c8e6007ee5269d25ff647c0316bfc07dec173b70bbcd94909f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://trivia.braincandy.net/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
d/z+fMQD25QLaSXMIkyvog==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86525
x-fb-rlafr
0
x-fb-debug
Auo8I7IJpYf5e6DK59x8qg6QUlJoWSZuXzKxYDqiG6Dc58mPLn5lxpao90AALwXTvv9tJv22QdSvU7LO7h6Frw==
x-fb-content-md5
9f3b89d652a394f3cbacbc263fae3195
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d0b00c50a9a4a37dad118c3f9bc490e1"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 12 Sep 2023 11:42:57 GMT
136604453636163
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/136604453636163?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
081f13b2eccdffdb18a009c42c29b708a3880dbbfe60a3d42eee84e542c3393e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
BST5/ZSTUXfmEx5B4GH68SEfzIEYGwTgcjR7+h3OvYYry92kL5not0iXWfMl2T73owX7hekFQXXMLHJj6hZ7Hg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid-library.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		144 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
104835e6a7e3eaeb7b2e3d5f887de51929392fdf5cc1c7533859ec75ee04bf29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Y8f5YYok_2T1SsaXzIbkU2b3bWa76vf9
content-encoding
br
last-modified
Fri, 09 Sep 2022 23:32:13 GMT
server
AmazonS3
age
71291
etag
W/"9b82e21b1325384a5d80cfbeebb50c36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 11 Sep 2022 17:52:02 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
z-2seqQTg7FgKj9QuVx_UInaZCxT8Oxjxh8O2pYa6nmzjusu1HyWgQ==
prebid-wrapper.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-wrapper.js?v=2
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
090aef5c007efe6806ee11771471bd31abdea8d750f936efc52dacc7823571fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
TgeljLDzekYF2YgyBnZsE.P8uMAWtWRp
content-encoding
br
last-modified
Sun, 11 Sep 2022 23:03:40 GMT
server
AmazonS3
age
2619
etag
W/"f5d5c93f783ae8ca997e45083a690079"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 12 Sep 2022 12:56:34 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
xoicEoSyyM3DiPJqFM2AN5BH-uuYp2KmHO0ZRxOcrLXNqIYab0RxRQ==
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 13:23:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		164 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trivia.braincandy.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857ee0f5aca402719b5ddcfcfca309b165ec1b93d41c91e290816ea4503789c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
expires
Mon, 12 Sep 2022 13:40:12 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=007f266ee8a5533b1005bf996bff48b066
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
X-TraceId
3a1d5b81b290fd02279066ffd8c95bcf
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=007f266ee8a5533b1005bf996bff48b066&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&optOut=false&bust=07227605924456915&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:12 GMT
Cache-Control
no-cache
X-TraceId
bcac63b565b27493266bee02ba322a3b
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=210064594&t=pageview&_s=1&dl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ul=en-us&de=UTF-8&dt=Brain%20Candy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1008957411&gjid=56447080&cid=805242697.1662990013&tid=UA-92784887-1&_gid=1269150827.1662990013&_r=1&_slc=1&z=1394089554
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01lm.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 18 Aug 2022 11:50:39 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
2166574
etag
W/"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
MqbiHjOhq4VmpHtpMPDU5fFjt0hR-8HwO1lwX7HBc3IjeLnvq8Y0ow==
YnJhaW5jYW5keS5uZXQ=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YnJhaW5jYW5keS5uZXQ=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:12 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=38239
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
32f65449c6a170092dd6cdd86ef667f5
Content-Length
16
Expires
Tue, 13 Sep 2022 00:17:31 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 12 Oct 2022 13:40:12 GMT
prebid-bidders-braincandy.7c5a25067e3cc985c74b.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-bidders-braincandy.7c5a25067e3cc985c74b.js
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef7c85c7ec5bba7fb1068854634b3210ef1c0af3fea23f167e0b84b8d419688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
6TWzGA6so2iBL12ylnBGrkaJpKU10cDe
content-encoding
br
last-modified
Sun, 11 Sep 2022 23:03:40 GMT
server
AmazonS3
age
2691
etag
W/"83febf65e34e2ec1b5de712ca4404150"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 12 Sep 2022 13:03:23 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
wNu1oYmhmP1mw2adZy0bkHTLx9U8w1XwS_ncNNuf6xc_AQ9cgUTMag==
prebid-adapters-braincandy.5d177de615af015125ee.js
dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-adapters-braincandy.5d177de615af015125ee.js
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
297a79b6cb99f15d6eebd55fbf7df42e0ad160b27d30004a46b6cebc0ba69323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
J8ZdwYyjaVmDD.qYIZB7WzyJQMxo6EF5
content-encoding
br
last-modified
Sun, 11 Sep 2022 23:03:40 GMT
server
AmazonS3
age
2691
etag
W/"807034ac4c47514648776704995dd138"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 12 Sep 2022 13:03:23 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
JYEB7PXJy9mZjBLBSB1bRGIkDpCUh28KFaADiFmvT5AZNpIjtMMIgw==
events
direct-events-collector.spot.im/api/v2/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-91.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:12 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
ybY6u3y-P-qtMErsb1pyz4PLNWI1UyE1GkwrtPERnQgA7wNjQLg28g==
x-cache
Miss from cloudfront
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:34:14 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
29167
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
j62IyB2acVCjj9mwTFF2O27plbWJirwtabvkQxyr7Vs1f_H0HjdNPw==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
929 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
42971bdca2699d7b09ce6538f929c5a8f0bdc048896e0fbf75e48c0ec0b4433e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-spotim-device-uuid
74065e47-a5db-42d9-ab47-6dc32ccb66df
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
36
x-guid
74065e47-a5db-42d9-ab47-6dc32ccb66df
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
LXEw_zYbrLNOeHzAhIc-YLvmElweQy3LNCFYpeHXtaq7so8OAMW0bA==
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136604453636163&ev=PageView&dl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&rl=https%3A%2F%2Ftrivia.braincandy.net%2F&if=false&ts=1662990012722&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662990012712.1970510093&it=1662990012448&coo=false&rqm=GET
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 12 Sep 2022 13:40:12 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bun...
  • https://rp4.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bu...
47 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bundle&refr=https%3A%2F%2Ftrivia.braincandy.net%2F&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT48aDE-NzY8L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
18.210.127.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-127-151.compute-1.amazonaws.com
Software
/
Resource Hash
d0155673a6ca77fd823260e3e3a2a34c3a93acb4b0c5740a3d24a877c7f4cda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
x-pixel-event-id
5bba5ff8-3ff0-4817-aca4-e9b36a83f1ed
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
e81cb2d9f45527eb
request-time
0
content-length
47
x-content-type-options
nosniff

Redirect headers

date
Mon, 12 Sep 2022 13:40:13 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1662990012725&aid=a-01lm&se=e30&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&tna=v2.4.2&pu=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&wpn=lc-bundle&refr=https%3A%2F%2Ftrivia.braincandy.net%2F&c=PHRpdGxlPkJyYWluIENhbmR5PC90aXRsZT48aDE-NzY8L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://trivia.braincandy.net
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
bc1a26cd11434991
request-time
0
content-length
0
x-content-type-options
nosniff
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=2047308739
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tmax=2500
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.45.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-45-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292736&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225dec7f0923c0c9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262ebc808945f14%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22292736%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F151404300%2Fbraincandy_desktop_leaderboard_top%22%2C%22gpid%22%3A%22%2F151404300%2Fbraincandy_desktop_leaderboard_top%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8dc8954faa968b7146daf7e692162656ab13b220428bbcd342b66b412ae5a0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5v1IF7Il7E7CZhxN49ZvClp%2BpNiSIfKh0vOcEop%2BNdiEN2s70Fxmxq864czptOf0MnZeQZEtVtGuIzfu2dabGK4YwFVKXhb1E%2Fi839EHrxAXFxqdEUiayVd8P8TfAJ9EDAFRFDZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dbc9c90bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:12 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
88158b58-4daa-4df2-8d39-7c20fed9ed1f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=33469935909
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		139 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bbf703c7e289a5c9b67e01ffa0d69dbffcaf451da43c98deabfc27bf945af16a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:12 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
88271111-4668-4409-965a-2e03a34cebea
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292741&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213b9bfa80ca3ad9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214dcea91f99b3dd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22292741%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F151404300%2Fbraincandy_desktop_leaderboard_bottom%22%2C%22gpid%22%3A%22%2F151404300%2Fbraincandy_desktop_leaderboard_bottom%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28041d112c6b068f45f98dabea96f22742a5c7984486cb5dd8a7c13243dac909

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZUyA3PBVEa%2F5KI2v3WyCGeqlyoyDhdCqw%2B3QXSC5XPTcNcaUum%2Fi6sGfiJREloQKzDU3gSeT3nToIrUFnyOqDmCuy4XmrvIT5vJt6Z65OLAHM2qK5VWWK%2Fz2p%2BsyghB4GTGmfRl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dbcac91bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tmax=2500
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.45.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-45-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=42364671525
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:12 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e933c9fa-491f-4c69-a45b-3fb27c1c97c0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292737&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22218b2a4a72b0f43%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222e18545d116914%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22292737%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F151404300%2Fbraincandy_desktop_skyscraper%22%2C%22gpid%22%3A%22%2F151404300%2Fbraincandy_desktop_skyscraper%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60275c496520813fecceb945d035d6e1188709ba1ee394d97aae6529f814e880

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZe5av%2FQ8TJdJOchMRn%2FoWfSmWL9%2FJ28T0LGHgIJQ8DhNfZQTZ%2BXqrZgx0%2FQTOqBZnuuGL%2BYJiL7746YZZxLwhbaI7xQncd%2FMZfECZfIABMOVaEsoMb0EqoFzLvYUMZrwRE7wfQR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dbcac92bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tmax=2500
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.45.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-45-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tmax=2500
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.45.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-45-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=46388750994
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=292741&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22292e3b78d19389b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230ebddbd95de069%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22292741%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F151404300%2Fbraincandy_bottom_responsive%22%2C%22gpid%22%3A%22%2F151404300%2Fbraincandy_bottom_responsive%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76fc9a956463efae8c67c92c11cb2d5a464e51474171880376b466220bd1684d

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPI6W3Utl3iVGJAi77jzcGsqhqTrEI%2FNOEDfShnH4dPwfZOVRWZ7ylrMEAgoq2ggo1lfb9ooB%2Ft%2FJWfkr8iONVn1HIcfkxyNM5ZxWQ1B66yYuh0WGFbxc3besjyjVEPmtLD8hJWf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dbcac93bc01-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:12 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c52fb4f2-d0cf-4f3c-8db3-5ae3bd080803
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
get
odb.outbrain.com/utils/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fbraincandy.net%2F%3Fc%3D3E038D&idx=0&rand=18003&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&adblck=false&abwl=false&px=305&py=1469&vpd=269&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000877&sig=tinJwLVB&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&ogn=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a0b8c3cd2d1fb1e591275c4fbbd4c2c85c3a836501b7073713305a23ec09225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1662990013.022260,VS0,VE133
accept-ranges
bytes
x-served-by
cache-lga13620-LGA, cache-hhn4070-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
35b365419e8e9f66713a9b5fce4ecca2
content-encoding
gzip
content-length
3593
expires
Thu, 01 Jan 1970 00:00:00 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 0D1B 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
674, 617, 617
age
19886278
cdn-cachedat
2021-04-13 08:26:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5df7ea668d94f41379e642b8eba366fd
cf-ray
74990dbd8acc922b-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 0D1B 		2 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09a7dee77d90a4b39ac83749fec79d85580ed38cd2f587da8d754344e2814483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
css
fonts.googleapis.com/ Frame 0D1B 		697 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d72315407e441febbb774ffad89110d740f811d989925c581d97be77546783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:35:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 0D1B 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/sendEmail.asp?c=3E038D&sw=1600&dName=&title=Quiz:%20This%20Week%20in%20the%20News
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:05:46 GMT
x-content-type-options
nosniff
age
9267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 11:05:46 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ Frame 62F0 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
674, 617, 617
age
19886278
cdn-cachedat
2021-04-13 08:26:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5df7ea668d94f41379e642b8eba366fd
cf-ray
74990dbd8ace922b-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 62F0 		2 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura:500
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09a7dee77d90a4b39ac83749fec79d85580ed38cd2f587da8d754344e2814483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
css
fonts.googleapis.com/ Frame 62F0 		697 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Audiowide
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d72315407e441febbb774ffad89110d740f811d989925c581d97be77546783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
css
fonts.googleapis.com/ Frame 62F0 		395 B
313 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:01:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
signupMain.css
trivia.braincandy.net/css/ Frame 62F0 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trivia.braincandy.net/css/signupMain.css?1240
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.229.238.21 , United States, ASN35908 (VPLSNET, US),
Reverse DNS
67.229.238.21.STATIC.KRYPT.COM
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7cdd4103c3b736e943a69e3b41e4b0ef4f9f0192ec2cf9cb1aa0767f25789fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:12 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 03:11:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"07ae755cf83d51:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2517
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 62F0 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:05:46 GMT
x-content-type-options
nosniff
age
9267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 11:05:46 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3974309788351676&correlator=1248369439821085&eid=31069332&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_bottom_responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=139572988&sfv=1-0-38&fsapi=false&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662990013015&lmt=1662990013&dlt=1662990010973&idt=1769&adxs=286&adys=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&frm=20&vis=1&psz=1027x0&msz=1027x0&fws=4&ohw=1600&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98e8e19b10d9a7d45f65f24f1d9e85fb858620bec2ecfa57ef7910ce834dced6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrs_8ewj_oCFYNT4AodbG0D6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/14598595354590703952/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrs_8ewj_oCFYNT4AodbG0D6Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/14598595354590703952/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42282
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 12 Sep 2022 13:40:13 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3D9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:13 GMT
expires
Tue, 12 Sep 2023 13:40:13 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		708 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3974309788351676&correlator=663551838467685&eid=31069332&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_skyscraper&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&adks=1740462161&sfv=1-0-38&fsapi=false&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662990013033&lmt=1662990013&dlt=1662990010973&idt=1769&adxs=1029&adys=377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&frm=20&vis=1&psz=320x-1&msz=318x-1&fws=4&ohw=1600&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c8ad595759bdc0d5fc82ebca19d1b5cb9a6729f608742a95e7c5a5de185cb15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
371
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3974309788351676&correlator=3006467680484226&eid=31069332&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_leaderboard_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=519834287&sfv=1-0-38&fsapi=false&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662990013050&lmt=1662990013&dlt=1662990010973&idt=1769&adxs=249&adys=315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&frm=20&vis=1&psz=761x-1&msz=741x-1&fws=4&ohw=765&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98e6252ad08681bf665de8219a60fdcdc38695c2a7cc0c6f0627a94180184ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12608
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3974309788351676&correlator=4230502392207850&eid=31069332&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fif&iu_parts=151404300%2Cbraincandy_desktop_leaderboard_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=1259390256&sfv=1-0-38&fsapi=false&prev_scp=test%3Dprebid%26cw%3Dbraincandy.net&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662990013077&lmt=1662990013&dlt=1662990010973&idt=1769&adxs=248&adys=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&frm=20&vis=1&psz=765x-1&msz=743x-1&fws=4&ohw=1600&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2624ff8defd3b931d1e290b7e4293f02136e266e6dbfd0b23d287492867b665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11986
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ Frame B4E3 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/playNew.asp?id=cfd78290-d421-43a7-aec7-71b7bed277bf&ia=nancyg15/038e28c5-news-template-&m=&c=3E038D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 09:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:56:05 GMT
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		23 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
gJImWiUZ43TZkUACGUvnT4BAL8Ytwpd5
content-encoding
br
last-modified
Wed, 11 May 2022 08:57:43 GMT
server
AmazonS3
age
36127
etag
W/"5a00ba991fdd7fb0f560fb63f2f832e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
date
Mon, 12 Sep 2022 03:38:06 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
YLb3oqbvHTC7ZWzM-wq70D6qaIaZzmBlsK0mwWcc9h6ZTiOuC90-Ig==
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
3E038D
api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/ 		145 B
884 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/3E038D
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
84c1ead1a81d0c51ad7db7f35d8d0abb878a1405b58e0969987f01801dd17567

Request headers

Accept
application/json
Referer
https://trivia.braincandy.net/
x-spotim-page-view-id
f46770ce-0b86-42fb-92f7-fa9a72fca111
accept-language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-spotim-device-uuid
74065e47-a5db-42d9-ab47-6dc32ccb66df

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA56-P7
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
145
x-amz-cf-id
Ij3Lhf8KBSYGvb9LLQyvf3HZfpSnrAvSyOF81hSr9CBP0N3qwcJqQw==
x-request-id
6da9749d-32a0-11ed-8578-ceceb967f460
3E038D
api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_HQI9uHrd/3E038D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 12 Sep 2022 13:40:13 GMT
server
fasthttp
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-id
q7eIswsH5kWlEWdaFLQtskuwZXEyFy00RSA6cXaPuqBMXhagDdkiuQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
fbevents.js
connect.facebook.net/en_US/ Frame 62F0 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
mjYM4XUasImxh6ADchyT3oIThwJGa3CYGiHX4qHKedI7ANy1Bx7C2nxIuC5khtJwxMirn9kcgupy+4J8HJBOig==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ Frame 62F0 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Mon, 12 Sep 2022 14:00:13 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 12 Oct 2022 13:40:13 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=0fb6435d05b8ea877cb6cb03b8ac9240_27801_1662990013095&tm=586&eT=0&widgetWidth=405&widgetHeight=26&widgetX=305&widgetY=1477&wRV=2000877&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=283&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
X-TraceId
b0954158a0a8bed5ac5a79b1dc810aea
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000877/module/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000877/module/streamFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5b8a8db63644026156e675e1ff7281d7bab273f2e713472d6927835b24f1e64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 11:45:32 GMT
server
AkamaiNetStorage
etag
"fd45d5c4cd1a79c080e686a30dea4bbf:1662562584.446768"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14140
expires
Mon, 12 Sep 2022 17:40:13 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Wed, 12 Oct 2022 13:40:13 GMT
all.js
connect.facebook.net/en_US/ Frame 62F0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
409663c72651a721fdd24d5b2be998d26b40474b8ae3a2f937495f73fd8abeac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MFFFpTUqeue8upMafwn9CQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
cHcF9lwK5GUX/1ejkCwsg19oW/OKmJOzXJrK2Z7I4IuNC5j5Jr6QHkpp7Xss+qG4MoiZQ9mwcj8ApvawDxAhbg==
x-fb-content-md5
92f6b99c734c59db471efb058a6c0d2b
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:13 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d462242123a088e0c314c90e53eed75a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 12 Sep 2022 13:48:17 GMT
sdk.js
embed.playbuzz.com/ Frame B4E3 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.playbuzz.com/sdk.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/playNew.asp?id=cfd78290-d421-43a7-aec7-71b7bed277bf&ia=nancyg15/038e28c5-news-template-&m=&c=3E038D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
374f15f22383af668c554546f48156e75868fd6dd55ecb2549f223515801d8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
age
688919
x-cache
HIT, HIT
access-control-max-age
600
x-surrogate-key
SDK-for-external-purge
content-length
10389
x-served-by
cache-iad-kjyo7100166-IAD, cache-hhn4032-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1662990013.346707,VS0,VE1
etag
W/"a622-q40MjSlXX61sbFgHJD+q287rhC4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
2, 1
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136604453636163&ev=Microdata&dl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&rl=https%3A%2F%2Ftrivia.braincandy.net%2F&if=false&ts=1662990013227&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Brain%20Candy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Quiz%3A%20This%20Week%20in%20the%20News%20%22%2C%22og%3Atype%22%3A%22game%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.ex.co%2Fimage%2Fupload%2Far_420%3A315%2Cc_crop%2Fw_420%2Cc_fill%2Fv1485701643%2Fw_560%2Ch_420%2Cc_fill%2Frrptnddw80syrlipfm4r.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22560%22%2C%22og%3Aimage%3Aheight%22%3A%22420%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffb.braincandy.net%2F%3Fc%3D3E038D%26sid%3D725FC1%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Asite_name%22%3A%22Brain%20Candy%20Games%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1662990012712.1970510093&it=1662990012448&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 12 Sep 2022 13:40:13 GMT
136604453636163
connect.facebook.net/signals/config/ Frame 62F0 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/136604453636163?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
081f13b2eccdffdb18a009c42c29b708a3880dbbfe60a3d42eee84e542c3393e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85903
x-xss-protection
0
pragma
public
x-fb-debug
BST5/ZSTUXfmEx5B4GH68SEfzIEYGwTgcjR7+h3OvYYry92kL5not0iXWfMl2T73owX7hekFQXXMLHJj6hZ7Hg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
unifiedPixel
tr.outbrain.com/ Frame 62F0 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=007f266ee8a5533b1005bf996bff48b066&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&optOut=false&bust=0006657276530358525&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/signupx.asp?c=3E038D&sw=1600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:13 GMT
Cache-Control
no-cache
X-TraceId
ec4ee771beb7f21b8c56aadf7b7c2e65
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
all.js
connect.facebook.net/en_US/ Frame 62F0 		300 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=95732b727038a52517e32842875b4652
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed95b8cb612512892d20c9fd9c4b0712a424c9620ef24aec92771648e17ee512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://trivia.braincandy.net/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QZvkSqCl1L4Qq1a2nWNvfg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86358
x-fb-rlafr
0
x-fb-debug
MToof6tE6+VvBuqGJB81uqcurzHCtcqjvfVVnETPBTJWTqDcBXpA78YTrz01VaDWsv7q+P89C7tFGK8nWQWJHA==
x-fb-content-md5
41f0928eb42faa15cf7d75d4f39a3755
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 13:40:13 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a92d149fa9fa5117b61176fefd043d9b"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 12 Sep 2023 11:43:03 GMT
get
mv.outbrain.com/Multivac/api/ 		191 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fbraincandy.net%2F%3Fc%3D3E038D&settings=true&recs=true&widgetJSId=AR_2&key=NANOWDGT01&version=2000877&apv=false&sig=tinJwLVB&format=html&rand=78128&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MGZiNjQzNWQwNWI4ZWE4NzdjYjZjYjAzYjhhYzkyNDA=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11984-83701&layeredTestInfo=11984-83701-&dpr=1&cw=405&darkMode=false&activeTab=true&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&ogn=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000877/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8d34b869ee356962376c3d8fba5f8e122690ad081c3ca3af14900803828c76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1662990013.286599,VS0,VE754
accept-ranges
bytes
x-served-by
cache-lga21933-LGA, cache-hhn4070-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
825f5ba53515c4478937faf43643bb9f
content-encoding
gzip
content-length
53963
expires
Thu, 01 Jan 1970 00:00:00 GMT
status
www.facebook.com/x/oauth/ Frame 62F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Ftrivia.braincandy.net&client_id=499465110243251&input_token&origin=1&redirect_uri=https%3A%2F%2Ftrivia.braincandy.net%2Fsignupx.asp%3Fc%3D3E038D%26sw%3D1600&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=95732b727038a52517e32842875b4652
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
oOXNruw3NCqxRHyDi9oIRz9Tu1lojV64jfBO1GRT2z5U4slN0jbCkHIQt0An4q+ykFUoGCEvVF6sDU1o4lwMuA==
fb-s
unknown
date
Mon, 12 Sep 2022 13:40:13 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
story-viewer.js
static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/ Frame B4E3 		580 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
639c2f332ee06b267c5953d550c63f73c493f55b8a76660a74dfbda29a0c0af4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
146728
last-modified
Mon, 15 Aug 2022 08:55:44 GMT
server
AmazonS3
etag
"35321462716957b2f365591075ad2654"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 19 Sep 2022 13:40:13 GMT
events
prd-collector-platform.ex.co/main/ Frame B4E3 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.142.21 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-142-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:13 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
html
embed.playbuzz.com/ Frame B4E3 		158 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed.playbuzz.com/html?id=cfd78290-d421-43a7-aec7-71b7bed277bf
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe53c46be28ba06f3f379097a1bf6dfab29d6d9352cc9a8e9565bd9b0e50ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
etag
W/"27857-DEiyzDgoQrXiyZDOqxnGRxEjkBo"
age
6590
x-cache
HIT, HIT
x-pb-os
windows
access-control-max-age
600
x-pb-platform
desktop
x-surrogate-key
cfd78290-d421-43a7-aec7-71b7bed277bf story 12313cf8-5f5a-40e9-ba07-f42f8c46fb0a 098d4e5b-6fe2-4da2-9275-8682bc20faec braincandy.net playbuzz1 trivia.braincandy.net
content-length
30914
x-served-by
cache-iad-kjyo7100147-IAD, cache-hhn4083-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1662990013.473425,VS0,VE1
x-pb-browser
chrome
vary
X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits
2, 1
amp4ads-v0.mjs
cdn.ampproject.org/rtv/042208242209000/ Frame 3593 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042208242209000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b835f80c6edd51acded4391e54cabe377799ebffb04b060c1a6db32f2d4a113
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61505
x-xss-protection
0
server
sffe
date
Mon, 05 Sep 2022 21:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"630b9ea7d67c7e1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 21:08:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/042208242209000/v0/ Frame 3593 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042208242209000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Mon, 05 Sep 2022 21:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"29c50428a02dcb23"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 21:08:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/042208242209000/v0/ Frame 3593 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042208242209000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28820
x-xss-protection
0
server
sffe
date
Mon, 05 Sep 2022 21:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d86c26a7f6daf516"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 21:08:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/042208242209000/v0/ Frame 3593 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042208242209000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1907
x-xss-protection
0
server
sffe
date
Mon, 05 Sep 2022 21:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f652edf411126f67"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 21:08:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/042208242209000/v0/ Frame 3593 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042208242209000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
date
Mon, 05 Sep 2022 21:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1a39bbdc45509c4d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 21:08:15 GMT
css
fonts.googleapis.com/ Frame 3593 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:05:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3593 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
13895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3593 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
20957
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 3593 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPUO9zdTQCao7TXhHH1Ffq9cYyuW1lPsg5M3XztwQUvWO-au5JpaPaITjj4tUUoljP-7q6
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3593 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs01KvTYfY46NCs3lgAe654pogtDbw2mw4buV_A-Wgs2FiBYQASCEoo4nYJUCoAGY7tyOA8gBCeACAKgDAcgDCqoEigJP0F5HdK1LvGAtFjimFkiZIkExkKIJmkM32Cdo0NJBE2-fVeaO8EuJNgXmHLyOlDFU-gRrz-T2xGOOiQ-ktm2Y8eJXDahbBPKmwJhROB62-hgOqO4uVqIaZtiYxK-2vIsw8C8AB80a3mG-5CoG312tM9v8pdUebCz1dROZQknz2cwqoAEgmIRh5wMoXbwRddzechLsIFVeJiUs-iKL4wkWuFeGoCeeQpih5kyIXXu0_JnNw6Q-kecz08fXWcD4fYHjQFIKpZdn6OEkxqKrVw1pyWnCrkqUUIpl6ufAAiPm8yaprTUrCLBVbDznl2IPaN7Jdp1Snz6q9dzFTjn2loCa0XpA5S8mVUwwvsAEoZmgju0D4AQBkgUECAQYAZIFBAgFGASgBi6AB9CRo3GoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIEgiI4YBwEAEYHTID64IBOgKAQIAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi03NTQ5MTE3Njc1ODIxNTIxGJylHQ&sigh=I3xnHKZhU5E&uach_m=[UACH]&template_id=5000
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
2728354180183721846
tpc.googlesyndication.com/simgad/8221745353996937442/ Frame 3593 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8221745353996937442/2728354180183721846?w=195&h=102
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd53f198a259cd008a68fc5dbf189fdbfd4e8a347514b7e9a8daa19f6d940529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3765
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 16:56:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 13:40:13 GMT
truncated
/ Frame 3593 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3593 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3593 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24bc6b895d142f835b6a01526f626d6a2be1243456da05cc3072b4e0c890e2d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
container.html
0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E6A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:13 GMT
expires
Tue, 12 Sep 2023 13:40:13 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208121708000/ Frame CE59 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
532428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61526
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1753c5424806777"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame CE59 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
532428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"23fb7130d171a0c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame CE59 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
532428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd6960dd2dd8774b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame CE59 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
532428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6863aa0ddd5cf3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame CE59 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
532427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12954
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"008ca125395468a7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:26 GMT
css
fonts.googleapis.com/ Frame CE59 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:17:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CE59 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
13895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CE59 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
20957
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CE59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1e6LvTYfY7j0CpKUgQfu7a_wCsimpsZigdje9p0Nv5TPu5UOEAEghKKOJ2CVAqAB7eqQzgPIAQmpAio8rrxJA7E-4AIAqAMByAMKqgSJAk_Q-ATE7giH0XJKo5ImqdwFT_ANLlXmhtJo6jzGf3eWhBGExpf6YWLNvOrshUXIciRbuBKiYj1pjQpC0yk2C79dIV9jxWtph0oeoZl_TGiTdFP6r5ISDeWq7aNn7ywPuZY-qyspoWUqNhFop8AXfGP_csngB6wcDV2vs7im93kcTtx0g8CkVteIWeWBOXEr5PNSNJa-_Pht2VXhUcOjZPM4N_6JrKozNJKSUlL6rj49WawgUB1R3B1HjYem2j7QIp_Rz0JNDzEkve4XTX8dfFvHBikbDJUKxlTx1SlsSbOh3vwhK8L1zWEbY63UbZywS9ANX2WYEABWZwuqVfRTCdZ-Iq10Af5wvAzABOmE3Km5A-AEAZIFBAgEGAGSBQQIBRgEoAYugAf7lO8xqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ78oD0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwG4E-QD2BMLiBQC0BUBmBYBgBcBshceChwIABIUcHViLTc1NDkxMTc2NzU4MjE1MjEYnKUd&sigh=N2WJRKl69gk&uach_m=[UACH]&template_id=484
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/5209232045500321427/ Frame CE59 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5209232045500321427/6592766407814317453
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cda144ffa4f3534c4de92d849f94fac3e6660515e419e096f874d8abc8570069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:12:03 GMT
x-content-type-options
nosniff
age
343690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24621
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 15:38:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 14:12:03 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10958555918838089496/ Frame CE59 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10958555918838089496/downsize_200k_v1?w=100&h=100
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2c719c60b82b068864f566a0dfa0ac17fe72059cd471985e799604721439d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:32:38 GMT
x-content-type-options
nosniff
age
270455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3917
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 15:43:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Sep 2023 10:32:38 GMT
truncated
/ Frame CE59 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b03b07e58ab82280a7a2ae309c75307c45f7764d1d989dc4ae8923822f7586e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3593 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 15:49:18 GMT
x-content-type-options
nosniff
age
251455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 15:49:18 GMT
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v2.85.0/launcher/ 		3 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.85.0/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 06:36:55 GMT
content-encoding
br
age
2530999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
549
last-modified
Wed, 10 Aug 2022 09:16:51 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
x-amz-version-id
M22RvWes2wxCKSddhuX.fi3GBuco5N2s
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
KZ7cOHqt3rZG9w9eW_KtDYVgCnHfpMETlRYxVm-unuhf7TQoq9J8MA==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:34:14 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
29168
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
odt4r6TsWT3jtIsBRPQ154x2_WacpkEmCVTwXlwKwmraiAQUU8jUYQ==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:34:14 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
29168
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
0
x-amz-cf-id
dOcDfda58H7dBKAfC2r82y1BngAG-20feApbJdzC0BBgMlNn1mXInA==
a-01lm
i.liadm.com/s/c/ Frame 0E6A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.27.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-27-26.compute-1.amazonaws.com
Software
/
Resource Hash
5d5cc2808f0a99369d3a6934a1fa44e87071d24133995e9f1eb9a9a65a6c37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
673
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:13 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.braincandy.net/ 		19 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.braincandy.net/baker?dtstmp=1662990013600
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Mon, 12 Sep 2022 13:40:14 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
css2
fonts.googleapis.com/ Frame 2711 		3 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
503ae94cf4f406a2527ecc3b35d9491190a7472e53a9c3284d16cb96532c73a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
css2
fonts.googleapis.com/ Frame 2711 		4 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Chivo:wght@400;700&family=Poppins:wght@400;700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62285f059fd0ccf0b56ba8cfad55dd5a4e1b6f17475d70471236383a294720ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:13 GMT
events
prd-collector-platform.ex.co/main/ Frame 2711 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.142.21 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-142-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:13 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
story-viewer.js
static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/ Frame 2711 		580 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
639c2f332ee06b267c5953d550c63f73c493f55b8a76660a74dfbda29a0c0af4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
146728
last-modified
Mon, 15 Aug 2022 08:55:44 GMT
server
AmazonS3
etag
"35321462716957b2f365591075ad2654"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 19 Sep 2022 13:40:13 GMT
pixel-sdk.min.js
static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/ Frame 2711 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Requested by
Host: embed.playbuzz.com
URL: https://embed.playbuzz.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
2969
last-modified
Wed, 30 Mar 2022 16:45:20 GMT
server
AmazonS3
etag
"c1e834ba9e137083fcb25e378b5d9bf1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 19 Sep 2022 13:40:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CE59 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:44:52 GMT
x-content-type-options
nosniff
age
593721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CE59 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:27:29 GMT
x-content-type-options
nosniff
age
259964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 13:27:29 GMT
ads.js
static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff5c518de325451524ec95eed103df6fac29829739a25596be6c3e492043cf3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
sQWEX9AJGZgroEfRysEhoi6XNMgwe.wK
content-encoding
br
etag
W/"95928c195d356a6a48fdc0ad388b8ff0"
last-modified
Tue, 06 Sep 2022 06:20:16 GMT
server
AmazonS3
age
36102
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 03:38:32 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
gFEphZf6J9K-TEfopApW1Zza6Wno7W9D56x0sxFsWBWyjEVLXrTRQA==
ads.css
static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.css
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_HQI9uHrd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e31089f4bfef3979c0f08d78927782510af1bfae3843bee057d14c574f4f261f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
fLH8orB0qtRqLAYJcCDwK01PVzsH5it0
content-encoding
br
etag
W/"3d9a0c2fdb23054afb6db6cd7f10edc6"
last-modified
Tue, 06 Sep 2022 06:20:16 GMT
server
AmazonS3
age
36102
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 03:38:32 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
pwfLSjdisfMWR6wB3F2sEA9YQPEN78D8gdTg6npOImK-YkvkC76lZg==
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/ Frame 08F7 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eef5f64d88f9fa535fb33cd8fd875201dbab8292f300d9998a06ae49616863c7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=0
content-encoding
gzip
content-length
3607
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 12:43:27 GMT
expires
Mon, 12 Sep 2022 12:43:27 GMT
last-modified
Thu, 14 Apr 2022 15:19:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2E6A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmCjjvTYfY_qZCoOngQfs2o3IDpLsuKRs4POZ7JQQpLSjqv4OEAEghKKOJ2CVAqAB4r-h4gPIAQmpAhX8qCagzqk-4AIAqAMByANIqgSFAk_QgJgw2KoDSHdV62mx76dXWXVBt-1l3HhOJMVO2d_UGDP1AtSMFNw31GyaM48hG1X64o-Z1kl-XxyEyCtkHZ5kKHa6RusUsgHANnjSzpx3udjGIks5Qfv-from0SdgAGEDRJSgfxilHB_OE4H1iczW3uIyCoaaTfI1qjIMCgGtz83EVT6ygAoslaa97pB9m5nknZOwRwz3K1mtwMRjBP9FHQKcuLDW2DzkENG30g2D-5yzEztQmgsHjEMpB1oQlNnuKsd0y6OMoVdZfJNkT6f6Q5ywhow4sSW3D33nWRE6U36bALBGU7Vbw2Z_kXRgoFf3Xs0DNtMoDpMtcV_xD4JpSzmoVcAEhqTyv4cE4AQBkgUECAQYAZIFBAgFGASgBi6AB4bA3h2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDKkgLSCBIIiOGAcBABGB0yA-uCAToCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNzU0OTExNzY3NTgyMTUyMRicpR0&sigh=CbQPw-6PGGU&uach_m=[UACH]&template_id=419
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 2E6A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:05:53 GMT
/
pixel.ex.co/v1/playbuzz-network/ Frame 2711 		2 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/playbuzz-network/
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
via
1.1 varnish
age
2532
x-cache
HIT
content-length
2
x-served-by
cache-hhn4047-HHN
server
nginx
x-timer
S1662990014.818458,VS0,VE0
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
175
cfd78290-d421-43a7-aec7-71b7bed277bf
pixel.ex.co/v1/item/ Frame 2711 		1 KB
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.ex.co/v1/item/cfd78290-d421-43a7-aec7-71b7bed277bf
Requested by
Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
age
1873
x-cache
HIT
access-control-max-age
600
content-length
458
x-served-by
cache-hhn4047-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1662990014.818450,VS0,VE1
etag
W/"5c6-O3zrPZgNio3Vn+SHXFpF671qpQI"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
via
1.1 varnish
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
xdomain_cookie.html
embed.ex.co/ Frame D84C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.ex.co/xdomain_cookie.html
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
*
access-control-max-age
600
age
9046
cache-control
public, max-age=0
content-encoding
gzip
content-length
1228
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:40:13 GMT
etag
W/"a93-182a1217260"
last-modified
Mon, 15 Aug 2022 10:51:40 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
5, 1
x-served-by
cache-iad-kiad7000102-IAD, cache-hhn4028-HHN
x-timer
S1662990014.879467,VS0,VE1
trivia-viewer.js
static.ex.co/pb-story/trivia/production/fd617bfaf7d04aa2d50f8d59ae8dd98a18e81c95-2022-08-28-08-29-29/ Frame 2711 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/trivia/production/fd617bfaf7d04aa2d50f8d59ae8dd98a18e81c95-2022-08-28-08-29-29/trivia-viewer.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfe3e23a6bad96eb6c7a1032c88a4a445bde098403ce1aa4f82b336aa4081b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
20684
last-modified
Sun, 28 Aug 2022 08:29:30 GMT
server
AmazonS3
etag
"f4a67c0109ba6f27fda0dcca999583ac"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 19 Sep 2022 13:40:13 GMT
trivia-viewer-svg.js
static.ex.co/pb-story/trivia/production/fd617bfaf7d04aa2d50f8d59ae8dd98a18e81c95-2022-08-28-08-29-29/ Frame 2711 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ex.co/pb-story/trivia/production/fd617bfaf7d04aa2d50f8d59ae8dd98a18e81c95-2022-08-28-08-29-29/trivia-viewer-svg.js
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf77a1fa2302f84eda2e622959e0ba7e78ad3355af7fb2d6b3645d767c039c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
949
last-modified
Sun, 28 Aug 2022 08:29:30 GMT
server
AmazonS3
etag
"a9ca78bb79229c50198616b18ae01a81"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Mon, 19 Sep 2022 13:40:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/ 		345 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dde78f2de8d932b89c32fb311c62ae70b523802bd25364b622dd63ad42d865b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124392
x-xss-protection
0
server
cafe
etag
15459689338616025248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:40:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame 3C17 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 15:34:28 GMT
etag
8616628553774171045
expires
Sun, 25 Sep 2022 15:34:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 08F7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2639
x-xss-protection
0
server
cafe
etag
15893831270588722589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Sep 2022 11:12:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 08F7 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Sep 2022 11:12:27 GMT
f6775969ec84658998d822a892f2114d.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/ Frame 08F7 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/f6775969ec84658998d822a892f2114d.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84263808fbb6a72b04085b32f0201bdb4270bfa354f35ffe6f3e92b29ff5cfc2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
20365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18728
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 15:19:17 GMT
server
sffe
date
Mon, 12 Sep 2022 08:00:48 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 08:00:48 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_HQI9uHrd/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_HQI9uHrd/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://trivia.braincandy.net
access-control-expose-headers
access-control-max-age
86400
content-length
0
date
Mon, 12 Sep 2022 13:40:13 GMT
server
fasthttp
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-id
dfbxP0FYtsx3Dto0YgFKoERxZGawPSRf4Qol_BmWZOsAsvUTiOlBsw==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_HQI9uHrd/ 		45 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_HQI9uHrd/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-121.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
b56fd696829dfb589af4ec9a6159bd0a5bb202ef1d02c5690209a853fa72a73b

Request headers

x-guid
74065e47-a5db-42d9-ab47-6dc32ccb66df
x-post-id
3E038D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-spot-id
sp_HQI9uHrd
x-spotim-page-view-id
f46770ce-0b86-42fb-92f7-fa9a72fca111
Referer
https://trivia.braincandy.net/
x-access-token
null

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-request-id
6e28a290-32a0-11ed-b098-3ea60ddbd2be
access-control-allow-origin
https://trivia.braincandy.net
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
access-control-expose-headers
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
OIn1Yh0zGUOG5XP-0OgY_ddyjifKTXlHdAfzWun7iFt_VuPjHx4v6w==
s
googleads.g.doubleclick.net/pagead/drt/ Frame 55FF 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2E6A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 12:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2E6A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:31:24 GMT
va9F4kzIxd1KFrjTZPZ4sK0.woff2
fonts.gstatic.com/s/chivo/v17/ Frame 2711 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chivo/v17/va9F4kzIxd1KFrjTZPZ4sK0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Chivo:wght@400;700&family=Poppins:wght@400;700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757890353064d66b81ba671ab1a358aad4b5afe0d5359c183408b441d345306c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 23:58:26 GMT
x-content-type-options
nosniff
age
308508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16420
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:26:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 23:58:26 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 2711 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Chivo:wght@400;700&family=Poppins:wght@400;700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trivia.braincandy.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:24:53 GMT
x-content-type-options
nosniff
age
411321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:24:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3593 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
13896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3593 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
20958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
4efc1a8057244e5799461185ba13f9a7
i.liadm.com/s/e/a-01lm/0/ Frame 0E6A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&864e37a3-6fe1-43b7-b25b-cff...
  • https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=7156&muid=e87a631f-36be-4f00-850a-dc03c98b21c5
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=7156&muid=e87a631f-36be-4f00-850a-dc03c98b21c5
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
107.21.27.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-27-26.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=7156&muid=e87a631f-36be-4f00-850a-dc03c98b21c5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 13:40:13 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0E6A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i.liadm.com/s/ Frame 0E6A
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=0affba2d-acc5-4bae-b59c-7cce70a173a1
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=0affba2d-acc5-4bae-b59c-7cce70a173a1
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d54074aa-82e6-4dad-b5e3-2a98cedd8acd&user_group=1&ssp=liveintent&bsw_param=0affba2d-acc5-4bae-b59c-7cce70a173a1
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
107.21.27.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-27-26.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=0affba2d-acc5-4bae-b59c-7cce70a173a1
Date
Mon, 12 Sep 2022 13:40:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
4efc1a8057244e5799461185ba13f9a7
i.liadm.com/s/e/a-01lm/0/ Frame 0E6A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01lm%2F0%2F4efc1a8057244e5799461185ba13f9a7%3Fmp...
  • https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=82775&muid=72381674148779969430150512367849694544
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=82775&muid=72381674148779969430150512367849694544
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
107.21.27.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-27-26.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v039-0950f4dc5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rzIpymQ8R/g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-01lm/0/4efc1a8057244e5799461185ba13f9a7?mpid=82775&muid=72381674148779969430150512367849694544
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 0E6A
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&rd=Y
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 13:40:14 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=864e37a3-6fe1-43b7-b25b-cffb3a9e4f25&rd=Y
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 12 Sep 2022 13:40:14 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 0E6A 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
5
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
via
1.1 varnish
server
nginx
x-timer
S1662990014.292709,VS0,VE5
x-served-by
cache-ams21066-AMS
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame 0E6A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01lm?s=&cim=&ps=true&ls=true&duid=caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:412e:4f1e:a01:51cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Mon, 12 Sep 2022 13:40:14 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
css
fonts.googleapis.com/ Frame 08F7 		4 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/f6775969ec84658998d822a892f2114d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4b752b1a9d24398c9db6bc0945e622d2f231e2c11132ebd012e6a4510e3f062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:40:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:14 GMT
1f1aae6ab1b9e2d2d034eccbb204ca40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/media/ Frame 08F7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/media/1f1aae6ab1b9e2d2d034eccbb204ca40.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de70a04a5d7cb5c39a1e0f73d2aae9d96e636115013bccb2265a4071db128b18
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
20366
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7697
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 15:19:17 GMT
server
sffe
date
Mon, 12 Sep 2022 08:00:48 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 08:00:48 GMT
bc545684a5fd8807845aa2678a12d2f4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/media/ Frame 08F7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/media/bc545684a5fd8807845aa2678a12d2f4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
955dd29d714b46f273dd5068e324b3e073d9a107af78c09220fff645f84a9fbb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
20366
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5178
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 15:19:17 GMT
server
sffe
date
Mon, 12 Sep 2022 08:00:48 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 08:00:48 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=trivia.braincandy.net&callback=_gfp_s_&client=ca-pub-3297660157133908&cookie=ID%3D4d0883c8da504b63%3AT%3D1662990013%3AS%3DALNI_MYauG8SBQZK7XF-iasRH-ABOYPUoQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
aa50a5770487f2083cc414c9ff8d33d145b0d365d6fc43e5ce18cbb7404ff0a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tn=DIV&id=bottomBar&cls=bot-su-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 200F 		133 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3297660157133908&output=html&adk=1812271804&adf=3025194257&lmt=1662990014&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662990013790&bpp=3&bdt=2817&idt=391&shv=r20220907&mjsv=m202209070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d0883c8da504b63%3AT%3D1662990013%3AS%3DALNI_MYauG8SBQZK7XF-iasRH-ABOYPUoQ&nras=1&correlator=375042111743&frm=20&pv=2&ga_vid=805242697.1662990013&ga_sid=1662990013&ga_hid=210064594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C31069438&oid=2&pvsid=3974309788351676&tmod=1473229242&uas=0&nvt=1&ref=https%3A%2F%2Ftrivia.braincandy.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=407
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7467ead4dd9312d3d831668efb678d459bc0a7edf1d38ce1062b3a07036ca0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35138
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000877/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000877/module/singleAnimationOnFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f5981f2a60d66e9d1805c3d8c73f00bb3200f6722e841d8bc414698a68e7845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Wed, 07 Sep 2022 11:45:32 GMT
server
AkamaiNetStorage
etag
"9a3612acbedc7ce531a48588b61d129f:1662562583.136712"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Mon, 12 Sep 2022 17:40:14 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=54cc450fc17f5de3f0b6a5137073e3fc_27801_1662990013455&tm=1608&eT=0&widgetWidth=1005&widgetHeight=409&widgetX=305&widgetY=1885&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
X-TraceId
2db9503c0ff66f3b02005cd14ab0018f
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=f92b8530c6fd1dc53b0552547a6b699b_27801_1662990013616&tm=1618&eT=0&widgetWidth=1005&widgetHeight=318&widgetX=305&widgetY=2318&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
X-TraceId
ab57df08786346f1ef03ae48dc3bb4f8
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=8ff2d8cb8ac891613c824c22e7e4c408_27801_1662990013779&tm=1619&eT=0&widgetWidth=1005&widgetHeight=409&widgetX=305&widgetY=2659&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
X-TraceId
90e629a2acf253f5f48d3358931836b6
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=88ae455cb3db08d45f3baad729430c07_27801_1662990013846&tm=1620&eT=0&widgetWidth=1005&widgetHeight=363&widgetX=305&widgetY=3092&wRV=2000877&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
X-TraceId
f18ae069f91ba16b3097ce720fa783a8
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=8f278f1de91788513b60c42c42384572_27801_1662990013961&tm=1621&eT=0&widgetWidth=1005&widgetHeight=409&widgetX=305&widgetY=3478&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
X-TraceId
91fc953f8a0a4b61bcda4fe465dc1919
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjJmYjRhOTgwZjEwOGNhMWQwNTU0OTQyZjc5OWNmZTBjZDRmZDYzZGIxZmQ2NDQ1OWUzNTUzMzFmYTY4M2E2NmUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJmYjRhOTgwZjEwOGNhMWQwNTU0OTQyZjc5OWNmZTBjZDRmZDYzZGIxZmQ2NDQ1OWUzNTUzMzFmYTY4M2E2NmUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb7bcac0e12fb4b6679bbd1fb505428016f47cc13895166c6d236999ee22215e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Mon, 22 Aug 2022 11:19:17 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=639543
access-control-allow-credentials
false
x-traceid
c5e8bcadabd4af9dfd875392779be6ae
timing-allow-origin
*, *
content-length
31926
eyJpdSI6Ijg1YWQzN2Q4NjgwNjQ5MDJhOTgzNjQwNjMxZTA4MjhlN2I4Nzk1YWQ4MmM3YzFiM2ZhNGJjYTNlNmYyZDJlMjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg1YWQzN2Q4NjgwNjQ5MDJhOTgzNjQwNjMxZTA4MjhlN2I4Nzk1YWQ4MmM3YzFiM2ZhNGJjYTNlNmYyZDJlMjEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60bf9149b5fac18b8c69ed4333189a98a39bf094faa5032f7e95dd91e571494b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Thu, 28 Jul 2022 08:33:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=795020
access-control-allow-credentials
false
x-traceid
1089aa722b594db61724b748e6aab592
timing-allow-origin
*, *
content-length
38312
eyJpdSI6Ijc5NWMzNWRmMTlmYTNlMGQ4YWQ5YTZjNDdjZDhkZTE0YjZhZGRlMTc1ODgyNTVhZjc4MjY3ZWU2YjJiYjk3MWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc5NWMzNWRmMTlmYTNlMGQ4YWQ5YTZjNDdjZDhkZTE0YjZhZGRlMTc1ODgyNTVhZjc4MjY3ZWU2YjJiYjk3MWIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5695c61250ed1ed58077beeca4118dfd05b8d66ee6703619067dafae787119ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Wed, 16 Mar 2022 09:49:02 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2454774
access-control-allow-credentials
false
x-traceid
5253fb0776facd902cfd2913eb65862f
timing-allow-origin
*, *
content-length
16902
eyJpdSI6IjE1NmI4NGQyZmM5YWU3NDVkYjkyM2M0Yzc4N2JkYWRkOTE0YjFhYzZmNTA1MzA1YjAxZDcwODg1ODdiYjliMjkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE1NmI4NGQyZmM5YWU3NDVkYjkyM2M0Yzc4N2JkYWRkOTE0YjFhYzZmNTA1MzA1YjAxZDcwODg1ODdiYjliMjkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa659c7c45d49f2417829001a787e1078f0b78298e06bf287c71458800673c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Wed, 10 Aug 2022 11:54:40 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1821371
access-control-allow-credentials
false
x-traceid
4dfede242b6f7022d4afbb335724a8ff
timing-allow-origin
*, *
content-length
46230
eyJpdSI6IjZlMDY1ODVlMDQ1ZDdmMjlhZjAwZmZiOWU0Zjk5NDdkMzEyOWE0MWIxYzE4MjBkMzVmMjJmMjM2YmU1ZGNiNzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZlMDY1ODVlMDQ1ZDdmMjlhZjAwZmZiOWU0Zjk5NDdkMzEyOWE0MWIxYzE4MjBkMzVmMjJmMjM2YmU1ZGNiNzQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63ff673881cd46862c43f1b8db153f5fb733ddee417980c8c0985fa44b9553aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Fri, 05 Aug 2022 08:45:59 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1410274
access-control-allow-credentials
false
x-traceid
eb3b41fbae70801cc1bf3a42efd8904d
timing-allow-origin
*, *
content-length
27958
eyJpdSI6ImU1MWRiOTMwNGZjMGIxNzJkNjUxNDg2ODUxM2EyZWI2N2EzZWRmMjY0YzUyZjk1MzVlNjYxY2UxNjMxOGViZGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1MWRiOTMwNGZjMGIxNzJkNjUxNDg2ODUxM2EyZWI2N2EzZWRmMjY0YzUyZjk1MzVlNjYxY2UxNjMxOGViZGYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84905f1628abdd236b5959431738bbf87ea06ac93b8246d067915dda2a451827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Wed, 24 Aug 2022 15:34:55 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=827694
access-control-allow-credentials
false
x-traceid
d725d884360fd2206351076989d34a9b
timing-allow-origin
*, *
content-length
8612
eyJpdSI6ImMwYTg0ZDMzOTljZjYyZGI3YjdhZjFjNzQzYWU1NjgwODgwY2MwYzBhZWUxMjVkMmUyYWVjZWM1OWI3NDUwYzMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMwYTg0ZDMzOTljZjYyZGI3YjdhZjFjNzQzYWU1NjgwODgwY2MwYzBhZWUxMjVkMmUyYWVjZWM1OWI3NDUwYzMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
088ec1b89dcdbf71ea615451256bbd204ac3a7e9fb642d0187f7e8f9be6fe4b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Fri, 22 Jul 2022 03:42:24 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1207888
access-control-allow-credentials
false
x-traceid
59acb3c1409affd3c62c014f50e4d2af
timing-allow-origin
*, *
content-length
14894
eyJpdSI6ImM2MmIyYjhlY2YzNDEyNGQ3MGNkZDJiMWM1MDRhM2I4MjAxNzBiNTMwODc0ZmFmNjM1ZWQ1ZTU3ZDJmMjYzMjMiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM2MmIyYjhlY2YzNDEyNGQ3MGNkZDJiMWM1MDRhM2I4MjAxNzBiNTMwODc0ZmFmNjM1ZWQ1ZTU3ZDJmMjYzMjMiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
419c68f6e4e9cdb3742265fca3d7daab97bdae7eed5fd4b6cc6bef6ffdcd6859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Mon, 30 May 2022 16:09:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=817043
access-control-allow-credentials
false
x-traceid
ae77eb81a3d7e329e10197415ea32aee
timing-allow-origin
*, *
content-length
42676
eyJpdSI6ImZjMmZhM2RiYmJiOGMyYmRjNDllYjMzYWNhYmQ4ODI2ZjA5YWFlZWZkNTkxODkxZTZhZjM4YmUyYTc2YzQzMmYiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZjMmZhM2RiYmJiOGMyYmRjNDllYjMzYWNhYmQ4ODI2ZjA5YWFlZWZkNTkxODkxZTZhZjM4YmUyYTc2YzQzMmYiLCJ3Ijo4MDAsImgiOjUzMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c035df23b10de005375f2a45884bb0602cd061917b0eaeb62fc230ff7604e7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Mon, 12 Sep 2022 12:14:13 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2462400
access-control-allow-credentials
false
x-traceid
438f34cab29903b16e66e519bd2e875b
timing-allow-origin
*, *
content-length
39958
eyJpdSI6ImM3YzI4Y2E1Yjk3MTA5NGZkZjEzOWU4ZmI3MDM4ZDMyNzIwYThkMTQ5MzVjZTIzZTA2MWVmMWQzZTE4YzAxZjciLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM3YzI4Y2E1Yjk3MTA5NGZkZjEzOWU4ZmI3MDM4ZDMyNzIwYThkMTQ5MzVjZTIzZTA2MWVmMWQzZTE4YzAxZjciLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa9f479359a20ae1f4635dc557035f51d65f2e520055550d4c250cfc53c5b304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Thu, 19 May 2022 14:27:01 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1307479
access-control-allow-credentials
false
x-traceid
0d9771090b689cf8b24e5ed2e13840fe
timing-allow-origin
*, *
content-length
21042
eyJpdSI6IjI5NTExNmIzNGE1ODIzZTA1M2I0YWU5ZWU3YzE5MTE3NGNiOWRkZTkzOTkzZWVlMzNlMjRjZWJjMDAyOTljZTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI5NTExNmIzNGE1ODIzZTA1M2I0YWU5ZWU3YzE5MTE3NGNiOWRkZTkzOTkzZWVlMzNlMjRjZWJjMDAyOTljZTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c87737f8f3544a5b8cc1fd97de242389c93b97313befb516107b78837fbe69f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
last-modified
Thu, 20 Jan 2022 07:16:10 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1069006
access-control-allow-credentials
false
x-traceid
8e332ec01b4f456e4e6a651ae1f9233e
timing-allow-origin
*, *
content-length
25978
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E6A 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 13:40:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 55FF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:14 GMT
expires
Mon, 12 Sep 2022 13:40:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:14 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2E6A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a1dc7ee815a2486c665e15ce92d01fb3491abec7a8556b84bbe8c4ccc7b83cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 08F7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 08:45:21 GMT
x-content-type-options
nosniff
age
536093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 08:45:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 08F7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:44:52 GMT
x-content-type-options
nosniff
age
593722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:44:52 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3E22 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:40:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
0
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
Etag
85cd34a450e7cc1a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:14 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
180689c4-62e8-445a-831c-5077829f55a7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6e677123-32a0-11ed-ad81-1f6fc1870506
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6e677123-32a0-11ed-ad81-1f6fc1870506
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
108
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=6e677123-32a0-11ed-ad81-1f6fc1870506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
10
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-eRJS4LdE2uFJaQcZAz.sSqbFbaTDWC5K~A
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-eRJS4LdE2uFJaQcZAz.sSqbFbaTDWC5K~A
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Etag
b0ed34a450f7cc1a
Content-Length
0

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-eRJS4LdE2uFJaQcZAz.sSqbFbaTDWC5K~A
date
Mon, 12 Sep 2022 13:40:15 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6e675496-32a0...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=6e6770b4-32a0-11ed-ad81-1f6fc1870506
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Etag
b0ed34a450f7cc1a
Content-Length
0

Redirect headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
107
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 02:27:47 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
age
40348
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4550
x-amz-cf-id
us_CyeypuKL44GoCwrC1ePeEtz3j0yoEbsSp3TVLo1p33euF0OTs_w==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 6654 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:45:31 GMT
content-encoding
br
last-modified
Tue, 06 Sep 2022 10:54:02 GMT
server
AmazonS3
age
3284
etag
W/"8ad2beee52c2abad4a49b927b72d3048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
zOexu8ImXfu9US6ZMH6htYdwGWNs1uWh
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
5qeQ1hxnXI8idnD0SCtg5Z8f1GRwLZ1fGjdVFEfBAkqWHXiHGmDNBg==
hb_270443_960.js
player.spotim.market/prebidlink/461941/ Frame 6654 		419 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
97b239e181c48a77934feb7b45717c7ec05b34a2d5425af4ee091afe0d7e9642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 11:20:15 GMT
server
nginx
etag
W/"63172cef-68b10"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 13:40:14 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6654 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81e46ec29f04dd5f649c435a146e58114059537a62790af29f621096026671a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28708
x-xss-protection
0
server
sffe
etag
"1331 / 266 of 1000 / last-modified: 1662980796"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 13:40:14 GMT
wrapper_hb_270443_960.js
player.spotim.market/prebidlink/461941/ Frame 6654 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/461941/wrapper_hb_270443_960.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0862d6495c41366fb50155eb643b1dccdaeee7ccd7fb0dee56c7eafa9f7cdcae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:53:55 GMT
server
nginx
etag
W/"631f1dd3-6df"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 13:40:14 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
main-chunk.css
static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ 		735 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/main-chunk.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55810f9e73b427e872cdae62ffe3ab1b87a367ab596349dba3477369cf498fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
WGuLYEJFWA.FbzdcUr.HpJ4nbhdJnbxV
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
etag
"e3af271505c915ec112e73c7682cd064"
last-modified
Tue, 06 Sep 2022 06:20:16 GMT
server
AmazonS3
age
31618
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
date
Mon, 12 Sep 2022 04:53:16 GMT
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
735
x-amz-cf-id
4F6zLFyIcQlQ4rb3_3xCO6TYQDS6G2OGvXlrYTZ5EitD2LHbFKvjZQ==
main-chunk.js
static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/main-chunk.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5c2450355d0b009eea21c4563b7fa16cde374306cfad5dff4604910a2f19ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
5dDj4KrkPETWhlSo_aZAtDVfX3cwefxh
content-encoding
br
etag
W/"679e37f55488e2f3767a1c74aff31505"
last-modified
Tue, 06 Sep 2022 06:20:16 GMT
server
AmazonS3
age
42857
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 01:45:58 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
Dqv4CgYzI5k0FP2Us2cfnclr-A9soLwntLHryQkjFQ7f4lWJbXSuUA==
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 08F7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 16:56:45 GMT
player.js
player.aniview.com/script/6.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.6.0/ads/main-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b4238fce65430ce1851ded4b19658654d53a08095b6c2a282d0f8f3fe41f60a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsMnG6dqXL8bRsFjg32c1NLK6dINXTAdQHUpT3YyVekoILlVMQNeaMuH76KoDEXKwtJRYZehdQLbw5eBrmuKxWf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9906
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"9572ff25f70c4f55580b639ebbddad00"
vary
Accept-Encoding
x-goog-hash
crc32c=sM4Cpg==, md5=lXL/JfcMT1VYC2Oeu92tAA==
x-goog-generation
1662976678068737
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9906
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 13:45:14 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bb0d2f143523756080dd&e=playerLoaded&cb=1662990014555&r=https://trivia.braincandy.net/?038e28c5-news-template-
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ Frame 6654 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 13:23:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 6654 		164 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trivia.braincandy.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857ee0f5aca402719b5ddcfcfca309b165ec1b93d41c91e290816ea4503789c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
expires
Mon, 12 Sep 2022 13:40:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3E22 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71967572&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame D22A 		390 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8d77272e667edbd250940ee04a90ca18c05443eb72775e1b19c9999b57983226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdud059-662Wwh96Hq-y0-R82vWi70HRN-4ILH8FmLRaZqqfDXIrceTedsFl5AN_DcgDmLPfE6mcHXr8wkroE6ke0gURpFkk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112393
last-modified
Mon, 12 Sep 2022 09:57:57 GMT
server
UploadServer
etag
"821f136decc9ce574806359a9e44142a"
vary
Accept-Encoding
x-goog-hash
crc32c=6STPyg==, md5=gh8TbezJzldIBjWankQUKg==
x-goog-generation
1662976677830731
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112393
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 13:45:14 GMT
hbw_master_270443_960.js
player.spotim.market/prebidlink/x461941/ Frame 6654 		228 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/wrapper_hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
3dca1ff1862018cc61514feae48f711ab043116408134ec162192a5e43e91d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:53:55 GMT
server
nginx
etag
W/"631f1dd3-3919a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 13:40:14 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
events
prd-collector-platform.ex.co/main/ Frame 2711 		0
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prd-collector-platform.ex.co/main/events
Requested by
Host: static.ex.co
URL: https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.142.21 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-142-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:14 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/reactive_library_fy2021.js?bust=31069438
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba78cef1f8f96f8c8b0af8a19c839ef333dfb767ecf4e4bb7053d933d0a6d8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54571
x-xss-protection
0
server
cafe
etag
9754885642089257561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 13:40:14 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 6654 		1 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbffd580913c0d2908c6bb95e3efba94c3314b45a5504729b9170ea27a976521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:45:31 GMT
content-encoding
br
last-modified
Mon, 12 Sep 2022 12:02:55 GMT
server
AmazonS3
age
3284
etag
W/"fe8d420cf4acea89d79d71f730870312"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HmD9cfl0ahXqrlpS1AEMq42cVsBrMxzE
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-P7
content-type
text/javascript
x-amz-cf-id
w_swmCtna_mhC0qohSUAX2QQzoEHnLtUeeS7fdBxAAuEhceR8BDdFg==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6654 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 12 Sep 2022 13:36:47 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
209
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
rYr1J-TfFekgRcNMKsLkKLp3eUu2AhfPRi3NasRt5A3t600aE1TkPw==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 6654 		609 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ade1d98683ce976187ff43bc00b95c9d25017ecb7fadd7ff855703f4321f37cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:45:31 GMT
content-encoding
br
last-modified
Mon, 12 Sep 2022 12:02:30 GMT
server
AmazonS3
age
3284
etag
W/"6b0c58033decef8f0e2a45658254dc11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sf6f2To4n61KFRtN64IjofJtzhVz2tI.
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-P7
content-type
text/javascript
x-amz-cf-id
E4FyzHNwRc1lcq2q3TtdcLcSy4-PzDNObauaSsjWKQJAT_vED36QRA==
grumi.js
rumcdn.geoedge.be/f56c63ac-7a27-4063-8e9c-611b9f7b523f/ Frame 6654 		598 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/f56c63ac-7a27-4063-8e9c-611b9f7b523f/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d33ecd7c4e2bdf9821312b4a439e6394c3b6c954944c7628ec0ad6171ccfcb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:45:32 GMT
content-encoding
br
last-modified
Mon, 12 Sep 2022 12:02:46 GMT
server
AmazonS3
age
3283
etag
W/"866f9ffba1a207d93a5ddc11840bd620"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
1pGJnuGyyfcXk0OERnLHTfy8R2wE7KLs
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-P7
content-type
text/javascript
x-amz-cf-id
lTrt_bO9ayrgBuCnxsoYIc0XX3GXg_sCOAb5fRS0O7BpT5GuuQQ2Jw==
/
ghb.spotim.market/geo/ Frame 6654 		139 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
139
tracking
ghb.spotim.market/adunit/ Frame 6654 		43 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=960&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Ftrivia.braincandy.net&adid=ytbfsp.is&features=81952&vpbv=N082&lifecycle_tte=545
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.deliveryapis.com/prebidlink/19247/ Frame 858F 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.deliveryapis.com/prebidlink/19247/j.html?i=11597
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:40:15 GMT
etag
W/"620bee41-43d"
expires
Wed, 14 Sep 2022 13:40:15 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 6654 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Ftrivia.braincandy.net
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
433be291f1ea19d280d86ce81164f98d1815e48c568a1e8e140f3f367656ead5

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 12:01:03 GMT
server
nginx
etag
W/"631dcdff-83c"
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
expires
Wed, 14 Sep 2022 13:40:15 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=trivia.braincandy.net&sn=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.54&apppkg=&fv=3&proto=https&clsid=01aeff88-9c1a-413a-ac0d-daf1d530da53&rando=9&pid=5e0e296628a061270b21ccab&cid=6284bb0d2f143523756080dd&stagid=&stplid=&e=inventory&vi=0&cb=1662990015010
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
u5icxivdbfgzfxtq4mge.png
img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:best,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1662830417/ Frame 2711 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ex.co/image/upload/ar_1.7777777777777777,c_crop/q_auto:best,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1662830417/u5icxivdbfgzfxtq4mge.png
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7bd17c52a66c6beff018fe4615c23babe7b123d60c70a6e0c9a14e447c2061e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
x-amz-meta-cld-surrogate-reporting
width=640,height=360,owidth=1024,oheight=576,obytes=359646
x-amz-meta-cld-transformation-id
6863805461796466518
x-amz-meta-cld-version
1662830417
x-amz-meta-cld-surrogate-key
267541855261485410331327547040962890241 364542952407814222736026449990050274612
content-disposition
inline; filename="u5icxivdbfgzfxtq4mge.webp"
x-amz-request-id
DN51STTEP414NHCA
x-amz-id-2
wctTRTPS58XIrFI7dm8X1tZ+k3IhTltbQi7yb4rdcBfz6UwWuNWIzar0HroP6taAjEVX+fTKHaeiTjti7dj39g==
accept-ranges
bytes
last-modified
Sun, 11 Sep 2022 02:38:37 GMT
server
AmazonS3
etag
"0c34ef3bfefab6797176881bd500b115"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31444519
content-length
17378
expires
Mon, 11 Sep 2023 12:15:34 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/ Frame DE3A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3297660157133908&plah=trivia.braincandy.net&bust=31069438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 17:30:00 GMT
etag
8616628553774171045
expires
Sun, 25 Sep 2022 17:30:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
go1.aniview.com/api/adserver/tag/ 		48 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_HQI9uHrd&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=f46770ce-0b86-42fb-92f7-fa9a72fca111&AV_CDIM5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=151404300&AV_CDIM10=v21.6.0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_HQI9uHrd%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb0d2f143523756080dd&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=trivia.braincandy.net&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.2.54&responsive=1&sver=2&avtoken=15010&omv=1.0.1&clsid=01aeff88-9c1a-413a-ac0d-daf1d530da53&rando=9&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1662990015044&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.43.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-43-174.compute-1.amazonaws.com
Software
/
Resource Hash
57bba5d7803aa6358db04165a12bd94996c75349d8ec969c3b61b680fe8b5c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Aug 2022 23:53:35 GMT
css2
fonts.googleapis.com/ Frame DE3A 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 13:05:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE3A 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:47:41 GMT
x-content-type-options
nosniff
age
3154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Sep 2023 12:47:41 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE3A 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:57:11 GMT
x-content-type-options
nosniff
age
2584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Sep 2023 12:57:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame DE3A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8353
x-xss-protection
0
server
cafe
etag
17005385338368023289
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:03:53 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 6654 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftrivia.braincandy.net&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:15:03 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
server
Server
age
5112
x-cache
Hit from cloudfront
access-control-allow-origin
https://trivia.braincandy.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
tD_GjEiWIwjTFfyHent_nW4SWVMsirC1UoYTycZ6ROwwWwcuBIRlIQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6654 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
4896
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Mon, 12 Sep 2022 13:40:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
X_FLvQ5uERMD7W2ILubZ7uJ5yLZbXXXde8a5lVVF_r2VcXxG3NIfUg==
hbw_master_307825_11597.js
p.deliveryapis.com/prebidlink/y19247/ Frame 858F 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.deliveryapis.com/prebidlink/y19247/hbw_master_307825_11597.js
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19247/j.html?i=11597
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4255b3b2292ee9a54d879db6f9ef512554216f581f3eca574291fbc2073a07eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/prebidlink/19247/j.html?i=11597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 18:55:37 GMT
server
nginx
etag
W/"631a3aa9-13cdf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 14 Sep 2022 13:40:15 GMT
css
fonts.googleapis.com/ Frame 0BC2 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 12:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 13:40:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 13:40:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0BC2 		2 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:28:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 0BC2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:05:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0BC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 12:59:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BC2 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 13:40:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0BC2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:31:24 GMT
l
www.google.com/ads/measurement/ Frame 0BC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmSugnVXavp1Z27z9RVwBX7kBeIjq-sI_9G7Lt4zBdgMMjTAb8hmEAMtuTF6mbP0aIKsfxRsEWEQXFDLwGlqNYb-RXmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
8e474446b56ed6ef0feeec2d987f1a60.js
www.gstatic.com/mysidia/ Frame 0BC2 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 11:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 04:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 11:12:58 GMT
hb_307825_11597.js
player.adtelligent.com/prebidlink/ex19248/ Frame 858F 		286 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19247/hbw_master_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 20:18:51 GMT
server
nginx
etag
W/"62fe9eab-47661"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 13:40:15 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame 858F 		139 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19247/hbw_master_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.deliveryapis.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
139
tracking
ghb.adtelligent.com/adunit/ Frame 858F 		43 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11597&full_page_url=https%3A%2F%2Ftrivia.braincandy.net&adid=ytbg10.am&features=16416&vpbv=N082&lifecycle_tte=290
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19247/hbw_master_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.deliveryapis.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
bid
c.amazon-adsystem.com/e/dtb/ Frame 6654 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&pr=https%3A%2F%2Ftrivia.braincandy.net%2F&pid=cTabVBzsPs7Ro&cb=0&ws=336x280&v=22.8.252032&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1655390427309-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_HQI9uHrd%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
ACCZK9E6NWY1C065JTG3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
TZ382B3qZKEnateHm6_Rph2i9z1PnO_49hwRJShR25Xb1yalFAoaDA==
csyncs
ghb.spotim.market/ Frame 6654 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=524901&aid2=537181&aid3=572165&aid4=623328&aid5=654586&aid6=730717&aid7=735207&aid8=736291&aid9=744445&aid10=744458&aid11=744459&aid12=752915&aid13=767137&aid14=767587&aid15=779828
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
df43f25b72d8a8b755e2dd929f8752eb0fe183400b6c11b85b24470a1f96ea3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1054
sync.html
s.adtelligent.com/ Frame 3995 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=752915
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame E433 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744459
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 3842 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=735207
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 4720 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=736291
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame C8D9 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=730717
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6728a0ce89e4654e589280a209df5c1d5c8a690bca4a720b79df7255560d118a

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
680
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame A37F 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744458
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame D5FE 		989 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=744445
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
519
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 77FE 		1 KB
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=654586
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5149:0:c634:6bff:fefd:5008 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ae4d6ab32051aa7690f4e8aadb1f61d63384855b0903493fd8b129a2d66262a3

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://trivia.braincandy.net
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
574
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
rtb
trends.revcontent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=d1ca204723a06b3dd2c8ce63c6a6616c8432b534&userId=158948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.210.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://trivia.braincandy.net
access-control-max-age
1800
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
server
openresty
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://trivia.braincandy.net
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
server
c
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://trivia.braincandy.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 12 Sep 2022 13:40:15 GMT
prebid
prebid.media.net/rtb/ Frame 6654 		311 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUU04S3F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3ba33ddcb2477f8f4f7ac1078e8ddb44d9ed23133986c0a1a38a0e12c8cf8105

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ Frame 6654 		24 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1b146af9c12f627e217d087ca160f6c98cd9ef8de8746a794ff24db8c7f3fe46

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 6654 		536 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&SafeFrame=true&PublisherDomain=https%3A%2F%2Ftrivia.braincandy.net
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
0a929e8aabf13ddabcd616960df43759c60ae4e454153b79f684823e27ea1445
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
536
expires
0
translator
hbopenbid.pubmatic.com/ Frame 6654 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6654 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=45592516686
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
rtb
trends.revcontent.com/ Frame 6654 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=d1ca204723a06b3dd2c8ce63c6a6616c8432b534&userId=158948
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.210.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:15 GMT
access-control-allow-credentials
true
server
openresty
x-envoy-upstream-service-time
1
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
ghb.adtelligent.com/v2/auction/ Frame 6654 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
907bfac2298aa2efc9fc9a3bdfd496d0244fb41c1a8300e8a6cc2ea300631744

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
904
/
ghb1.adtelligent.com/v2/auction/ Frame 6654 		1 KB
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c01923022a02b6df39f59f53422cab02ed0709477d7c8778b5dff002e5f43490

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
513
prebid
prebid.deepintent.com/ Frame 6654 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
server
a
vary
Origin
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://trivia.braincandy.net
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame 6654 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.223 Lincolnwood, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
/
ghb2.adtelligent.com/v2/auction/ Frame 6654 		275 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
931d6f3803d21ee4dad6d86b6cc9f46fc95192e6473e1a62c56cbf0beab95b94

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:14 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://trivia.braincandy.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
240
unruly_prebid
targeting.unrulymedia.com/ Frame 6654 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://trivia.braincandy.net
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6654 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:15 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6654 		360 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&eid_pubcid.org=20b8111b-866e-46fb-a61c-17411a046eb7%5E1&eid_spotim.market=74065e47-a5db-42d9-ab47-6dc32ccb66df%5E1&rf=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tg_i.pbadslot=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&l_pb_bid_id=532b5d0c4a39955&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&slots=1&rand=0.025453716949071836
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9d472ebfd9cc90f8403602655a84c9be01903b533905b684cd9befb963d50061

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
360
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6654 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&eid_pubcid.org=20b8111b-866e-46fb-a61c-17411a046eb7%5E1&eid_spotim.market=74065e47-a5db-42d9-ab47-6dc32ccb66df%5E1&rf=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tg_i.pbadslot=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&l_pb_bid_id=545efcb0b630a6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&slots=1&rand=0.6774878349902957
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
615c7540215ad8e7fc6c9e6591774c00625719fc9de62acac0bb2fcdfee6fbec

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
361
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6654 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&eid_pubcid.org=20b8111b-866e-46fb-a61c-17411a046eb7%5E1&eid_spotim.market=74065e47-a5db-42d9-ab47-6dc32ccb66df%5E1&rf=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tg_i.pbadslot=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&l_pb_bid_id=55d96007598302c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&slots=1&rand=0.9043218253246044
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fdaa62cbd76ab7c29852340640d2813f801ede9fac08a8bc0c4f092fd099e642

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
361
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6654 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2435418&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&eid_pubcid.org=20b8111b-866e-46fb-a61c-17411a046eb7%5E1&eid_spotim.market=74065e47-a5db-42d9-ab47-6dc32ccb66df%5E1&rf=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tg_i.pbadslot=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&l_pb_bid_id=563829e37f6a2ed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&slots=1&rand=0.9228508057160747
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5603fde15c2e2b1c5ccf03575ed0bb31b89659c5c765bd741ef6dbee7d09129

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
361
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6654 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=0&rp_schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&eid_pubcid.org=20b8111b-866e-46fb-a61c-17411a046eb7%5E1&eid_spotim.market=74065e47-a5db-42d9-ab47-6dc32ccb66df%5E1&rf=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&tg_i.pbadslot=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&l_pb_bid_id=572bd2ad8c27757&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0&slots=1&rand=0.6387371608181196
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2ec5d3be4e566baddc13d90fd5507d236446307ce4117ae1f46d66f14addaee

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
361
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 6654 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=94975384910
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ Frame 6654 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/ Frame 6654 		37 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226240ecdb3d52275%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263f681a932c430a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22320x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F39694909%2C151404300%2FDBV%2FDBV_BrainCandy-HA_TEST%23div-gpt-ad-1655390427309-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2debb0d06878f7b3d197eed8e71e70c33fd74bfd730fa4dd84328fed1d1cd64b

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbok6UQ7CENZpCLD%2BB8BCzKvFTtDLk3Y5CxLWsp7i2h8gBt06tU%2BYVnUzDBjXcmx2n2AhXw%2B2n57f1fSFxZu5yXq8fM7vdtAlIrKFkuTKUfG4x8vDb%2B3ZQ2E5M3fLc%2B%2FCGeIc%2BQ9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcc1d8490dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
spot-im-d.openx.net/w/1.0/ Frame 6654 		174 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=644f78a4-ace6-42de-b4ff-1a1fe4ff85f2%2C644f78a4-ace6-42de-b4ff-1a1fe4ff85f2%2C644f78a4-ace6-42de-b4ff-1a1fe4ff85f2%2C644f78a4-ace6-42de-b4ff-1a1fe4ff85f2&nocache=1662990015294&gdpr=0&pubcid=20b8111b-866e-46fb-a61c-17411a046eb7&schain=1.0%2C1!spotim.market%2Csp_HQI9uHrd%2C1%2C%2C%2C&aus=300x250%2C320x250%2C336x280%7C300x250%2C320x250%2C336x280%7C300x250%2C320x250%2C336x280%7C300x250%2C320x250%2C336x280&divids=div-gpt-ad-1655390427309-0%2Cdiv-gpt-ad-1655390427309-0%2Cdiv-gpt-ad-1655390427309-0%2Cdiv-gpt-ad-1655390427309-0&aucs=%252F39694909%252C151404300%252FDBV%252FDBV_BrainCandy-HA_TEST%2523div-gpt-ad-1655390427309-0%2C%252F39694909%252C151404300%252FDBV%252FDBV_BrainCandy-HA_TEST%2523div-gpt-ad-1655390427309-0%2C%252F39694909%252C151404300%252FDBV%252FDBV_BrainCandy-HA_TEST%2523div-gpt-ad-1655390427309-0%2C%252F39694909%252C151404300%252FDBV%252FDBV_BrainCandy-HA_TEST%2523div-gpt-ad-1655390427309-0&auid=540254226%2C540934835%2C541192057%2C543856208
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e885d00b39c11891f2ec661202de7044d5604927ed763d18fddafdeb42e76215

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://trivia.braincandy.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6654 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
efe9793d-9801-4277-8da8-94abd3476ad5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://trivia.braincandy.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8CA9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1535 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:34:57 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 10:34:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
onetag-sys.com/usync/ Frame 6025 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 42C3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
getuid
eb2.3lift.com/ Frame 1DBC 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Sep 2022 13:40:15 GMT
csync
sync.spotim.market/ Frame 064C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 12 Sep 2022 13:40:15 GMT
Etag
b0ed34a450f7cc1a
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
ca6da2a8-185a-4cfd-b285-4a954e795bca
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
isyn
prebid.a-mo.net/ Frame C49B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 12 Sep 2022 13:40:14 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 257D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121602
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:40:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A7C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame E8C3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5NDJstcArpS1lMZxgAA%261132
0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5NDJstcArpS1lMZxgAA%261132
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 12 Sep 2022 13:40:16 GMT
Etag
b0ed34a450f7cc1a
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dcdcee86933-FRA
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
expires
0
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5NDJstcArpS1lMZxgAA%261132
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc7JGSh5uyR3MXK4wQbO0bjSwvQcAWcsbfXHVzbaiXRszb3m9MgYWfv9bQkWbAUfD4ZfJCyJ486D5pWpmzVhfGWd6UmiAWlloYX7Zgn%2BBPMJaDwy1ErRMTtl1nvo76QNbx0oiVZx8QoZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 6F54
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 12 Sep 2022 13:40:16 GMT
Etag
b0ed34a450f7cc1a
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dcdceee6933-FRA
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
expires
0
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE%2FVCnOy%2F6SJwly4r7lpMFbZhhfRPUgB6nKzAcxDGtrGFyl6jyHFUgRq1Dh6qznVDhCRgQfrhm0WO1Z18p%2FCtfkoWX7SX6zRu7K03EwIyHMfV2QHrnwH%2F%2BYzLxUF3XJjzwmzHqSYdQGpmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
csync
sync.spotim.market/ Frame D73A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 12 Sep 2022 13:40:15 GMT
Etag
b0ed34a450f7cc1a
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
95819f34-34d0-429b-ac12-f5a52c353c18
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=1191377105773987456
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
isyn
prebid.a-mo.net/ Frame E2D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 12 Sep 2022 13:40:14 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
csync
sync.spotim.market/ Frame 4292
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58558/occ
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
0
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 12 Sep 2022 13:40:16 GMT
Etag
b0ed34a450f7cc1a
Server
Adtelligent

Redirect headers

age
0
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
location
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame 0E53
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/ Frame 6654
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1662990015540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3264305471
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3264305471
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
etag
RXfcdd223b098a43f3a0658b6c1eea7a11003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3264305471
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.spotim.market/ Frame 6654 		0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=734125&extuid=$UID
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Server
Adtelligent
Etag
b0ed34a450f7cc1a
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 6654
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dce2fa76933-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRK9ZbMW4wZ18gzXiLkdBJVHup97avPfmLFuIYstu13fcjJc%2FP%2FSHbtx9YhshtLwllUGaWVr7jfDfi0y9Q5VpA1JnHEAXmuc9C9Ze%2FH2b0PrZMAyvV%2FMo4EEX8840mOMTZLqfGlp9TBePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BwcOl3aPKNMyersIsM27eUUP2VpRtzlWOU%2BY6pJdrg43UZA8AzobhThM43lSNgHsIxmwMVk7odaF4%2B2hFTAuwQTF0H7e5UlhkiZ8oA7Iwh5NXnhnduHMRGBiDM4RPYKZmc6Uuy%2BBvqJvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
cache-control
no-cache
cf-ray
74990dcd1c74695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
csync
sync.spotim.market/ Frame 6654
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58558/occ
  • https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
0
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
Adtelligent
Etag
b0ed34a450f7cc1a
Content-Length
0

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=488792&extuid=y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
date
Mon, 12 Sep 2022 13:40:15 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6654 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 6654 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3cj4nm6j26vevhcet3idjsiv7gfmkrjk
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 13:40:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3593 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFjm_lxoRXs4Pay8_1fzWNbfBsMwjGTA6nSj6l91rfufP5VtYD9Cg9j9DzYkSkjm029bukQNgfCIgTrhMqfKHOLIrAGbw2Ehoa-gFYltiP9hWosnBlMUJoHkzfqrdcqix0oUAyscg&sai=AMfl-YTDEXwWQWYd3RX4VDfc5amxjhprinkE0exOvcSxGaWcHUremuRbKtePUwON31xpF8588aWzAWLARv-cFhTSGO6EOu4mzEzmVJiIqQYS4QtYi7cHYIvv7TKkSNHtuFjw&sig=Cg0ArKJSzKGTFzz5K2ejEAE&cid=CAASUORoMYhle7HOnPxiBv5cdXn8IcDCQTBbp2tJLhWxCQ9E_ml4F59X6yakEAHXXZwh59YMLz433eW13aiF-xOr41xPHIQiYd33NoZMiNc2q1Mj&id=ampim&o=256,315&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1068&mtos=0,0,1068,1068,1068&tos=0,0,1068,0,0&tfs=750&tls=1818&g=100&h=100&tt=1818&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1535 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEysIQ15dPcsJb7QcUjxPLk&google_cver=1&google_push=AehlK4BgYYXxXkRILdwtBLMrW4dz2FyPMWDDfyTkzoKle6woMkjrdiB8BK9kKpgaSKoSh2154c5237mL_iKaO2YbWtS9d2spG-o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1535
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AUfZMN...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTIxMzQwMTQwMDAxMDUxMjkyMzMyOA%3D%3D&google_push=AehlK4AUfZMNHliRHcXSO_5KzGxHLvS2Ure3e10D7Dm2l5Ahk6Qzgj6kxxEwMoLvxQ0gN7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTIxMzQwMTQwMDAxMDUxMjkyMzMyOA%3D%3D&google_push=AehlK4AUfZMNHliRHcXSO_5KzGxHLvS2Ure3e10D7Dm2l5Ahk6Qzgj6kxxEwMoLvxQ0gN72jTlxb_gyKo4xrcdSikizijRPfoauQ
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MTIxMzQwMTQwMDAxMDUxMjkyMzMyOA%3D%3D&google_push=AehlK4AUfZMNHliRHcXSO_5KzGxHLvS2Ure3e10D7Dm2l5Ahk6Qzgj6kxxEwMoLvxQ0gN72jTlxb_gyKo4xrcdSikizijRPfoauQ
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 12 Sep 2022 13:40:15 GMT
sync
odr.mookie1.com/t/v2/ Frame 1535 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELtVwqyzLlg50XFLFf8azGE&google_push=AehlK4Ba3Fvb8iKtPc72UXFEsKp1SlNyRzp2-hLpn25ooIcg-eZKku0xLZIOFR3BKCIMcRoKKRXClq0Rf4h_5Y_LJfIOfJLPCcI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 1535 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH8qV-OjYmqVE_ppkaN64CE&google_cver=1&google_push=AehlK4CpZzCxnVRcI2Cx6rhiUdEzluL72nfSD9C2m3RhzTTycEk0MKoIdI48NhFtUi13uMAbqv1-BafO4fx_A-KWTz8eha89kOQu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3089t25ea0ftem9te41avvfhpvabi5u9
pixel
cm.g.doubleclick.net/ Frame 1535
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqqMziPgsTmJchfipWdEzs&google_cver=1&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32od...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlgtUS1UQ1I=&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32odjGkFNAsxlTBJWAqwB-Z2BV_C5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlgtUS1UQ1I=&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32odjGkFNAsxlTBJWAqwB-Z2BV_C5
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlgtUS1UQ1I=&google_push=AehlK4B3V6o4c6HraXZ0JLK-jzdwkHkxx3SUNR6hASEKKIkCDApNwcHjW7xFjpmrT_D9mXb32odjGkFNAsxlTBJWAqwB-Z2BV_C5
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1535
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&google_nid=index&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&google_nid=index&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp0BzfiLU7OXMadXLellUvNG_TMf9YZkYWkguggpgLzH-H8RkfcbUMX6KGsKytb7Y
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V17ktdZKzHrOw6wb0D8QSyKGflmLA2ACMwKrZJUuwXHayjTRllLYs59YdBo5y3pVzw8BJhU9G5%2B31fooJVYgnhJ%2FOogbbARsLpEbjK%2Bfip0R6C70E%2FfCzco6Ix9QMQPIbIuSfAC4Ma%2FzMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBkq01cSqw7gfCniIF2qA0M&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&google_nid=index&google_push=AehlK4DrNlFnInZCvw-013Qq_K_lZF_JPoZIp0BzfiLU7OXMadXLellUvNG_TMf9YZkYWkguggpgLzH-H8RkfcbUMX6KGsKytb7Y
cache-control
no-cache
cf-ray
74990dce2fa56933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 1535 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHDhnsTbqgEOypxuujostnc&google_cver=1&google_push=AehlK4CFKz05869bWWSk1MnUuMh5iElqTYGAGJDi7dGgSQkgY6mTtMaopRX5_tZqftCPIwnfZrYkjAtPCc-JZ2J0Js3m02ZZqtWB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1535 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxHuXjaef_AtL1bg4F1yivxXdx7kXl3euibNbUNjG3I0ynsxE7HcYAnE1EXVNb1w7lA0bz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8CA9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:15 GMT
expires
Mon, 12 Sep 2022 13:40:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 858F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Ftrivia.braincandy.net
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
433be291f1ea19d280d86ce81164f98d1815e48c568a1e8e140f3f367656ead5

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 12:01:08 GMT
server
nginx
etag
W/"631dce04-83c"
content-type
application/json
access-control-allow-origin
https://p.deliveryapis.com
expires
Wed, 14 Sep 2022 13:40:15 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C8D9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=730717
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:14 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://p.deliveryapis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://p.deliveryapis.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 12 Sep 2022 13:40:15 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 858F 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 858F 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.deliveryapis.com
date
Mon, 12 Sep 2022 13:40:15 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame 858F 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
1ba3af4b667c225a7575fe87388ac82e7ff5cdbcb801ed436755776984f67cb8

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
cdb
bidder.criteo.com/ Frame 858F 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=8222087056
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://p.deliveryapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ Frame 858F 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ Frame 858F 		139 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cfc6e382bd6e727612a2f4c8ca6f88651961040440d52aaac8f51b127bee6f57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:15 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ed92474e-fd62-4963-ab89-657aa3ae43df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://p.deliveryapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.spotim.market/ Frame 77FE 		0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=734125&extuid=$UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=654586
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
Adtelligent
Etag
85cd34a450e7cc1a
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 0E53 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28405
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 12 Sep 2022 21:33:40 GMT
usync.js
eus.rubiconproject.com/ Frame 42C3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28405
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 12 Sep 2022 21:33:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 21:48:59 GMT
server
nginx
etag
W/"630fd74b-16068"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 13:40:15 GMT
usermatch
ssum.casalemedia.com/ Frame 37F1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca510c3db2d0eadf2639bcbc0cadc9deddb490e167d476539a79bbd9c1db860

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dcf6e2ebbb9-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:15 GMT
dropped-udsids
230|39|241|45|176|190|46|3
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx56dGQdE6kmRl1YJph6HcQ8f7wdCdEl3KBnBPyEKsYmcFv75g2b1tOtqsXzNzlRU0HAIOnLntB5gKV1nemMxK2R9bGo0rYHSBLuR8AbsmJZk1RvyqXm88eVS2d6HcsDjGhkvzYz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame A206
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=2&key=6e6770b4-32a0-11ed-ad81-1f6fc1870506
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=2&key=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-105-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Sep 2022 13:40:16 GMT

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 12 Sep 2022 13:40:15 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=2&key=6e6770b4-32a0-11ed-ad81-1f6fc1870506
Server
nginx
X-fe
125
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 40F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 12 Sep 2022 13:40:14 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1
cookiesyncendpoint
sync.aniview.com/ Frame 2288
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=55&key=1191377105773987456
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=55&key=1191377105773987456
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-105-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Sep 2022 13:40:16 GMT

Redirect headers

AN-X-Request-Uuid
3fda1b78-459d-4149-b6b0-dc435abae342
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=55&key=1191377105773987456
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F297 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121602
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 13:40:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
occ
ups.analytics.yahoo.com/ups/58543/ Frame 4D8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 12 Sep 2022 13:40:15 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame B9EB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:15 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 4884
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=200&key=OPTOUT
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-105-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Sep 2022 13:40:16 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 12 Sep 2022 13:40:15 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=200&key=OPTOUT
pragma
no-cache
sync
ssbsync.smartadserver.com/api/ Frame 3CF7 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Sep 2022 13:40:15 GMT
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame D22A 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduVCmMqF-N3GmJqOF0kTIEzwCH58QDLvGGbpTSM9axBMTpCSTzqMLp9-lagT_KE3eTXYnjEqLGlV28XQ7nq5Di5jd5O_egd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"90f51fa2d1aa98d0551ea61d932b3758"
vary
Accept-Encoding
x-goog-hash
crc32c=gR1vIw==, md5=kPUfotGqmNBVHqYdkys3WA==
x-goog-generation
1662976678380982
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 13:45:15 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame D22A 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvDHiaqKEqA5HfkLC4MLZAzjRnKZP1NFutXAq4OaJOIYkqZ9SxIzrfvFEGdda00_SVKAtZ51KqlVbvt3rTyK8SAEZ0g9YcA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"2825d70ab2819e8897bb9086bbbc28dd"
vary
Accept-Encoding
x-goog-hash
crc32c=pVFUbQ==, md5=KCXXCrKBnoiXu5CGu7wo3Q==
x-goog-generation
1662976678583381
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 13:45:15 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame D22A 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6ZOpez1Apo-L1r3yDhbiPZokTWvR6LsUGSX2vQNnHwn3zS_ecqwM6SRvdWGgRzzMxJ-FV9buhwJZxAq-f6GPamg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"0c5d0d53596c4b1a998570b05c2d57e9"
vary
Accept-Encoding
x-goog-hash
crc32c=03j/JQ==, md5=DF0NU1lsSxqZhXCwXC1X6Q==
x-goog-generation
1662976678581293
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 13:45:15 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=trivia.braincandy.net&rs=trivia.braincandy.net&sid=9619&t=1662990015&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662990015432-982903183926-007218-003-006309&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=61639838801&d39=&d65=&apppkg=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=6284bb0d2f143523756080dd&e=request&cb=1662990015775&asid=624573aa8dff10769651b304%2C611bbf7754a9882a7910fd04%2C61b73bd076b7bf32f6222ac4%2C62723804be4a590dd848c288%2C619ce3dce6572205164350b7%2C6228ab51aefe001d36464385%2C619e33605e94025d3d427cd6%2C62022abd388aac14502b5b97%2C61c496f36a6245407a70af5b%2C61dc3c1f735dec0c59711556%2C611b4d25ee6aae31897baf0e%2C621cbafa19a7ef4c74210e0a%2C627cf66a975d7e1b9a702787%2C61ba19723adbe351382564d4&ofpr=3.18%2C8.375%2C2.24%2C2.582%2C2.08%2C2.03%2C3.57%2C2.41%2C2.35%2C3.064%2C2.05%2C1.81%2C2.48%2C2.19&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 0E53 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L7YTBGBZ-M-KEIH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 42C3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=L7YTBGBZ-M-KEIH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0E53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjBiN2Q3OTMxYjg5YzcwOTliNzg2YjBlOGQ2NGQ1NWVjMmQ2MDg2MA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjBiN2Q3OTMxYjg5YzcwOTliNzg2YjBlOGQ2NGQ1NWVjMmQ2MDg2MA
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjBiN2Q3OTMxYjg5YzcwOTliNzg2YjBlOGQ2NGQ1NWVjMmQ2MDg2MA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0E53
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9JWXd4-vSkKIFIiy8tE5Mw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9JWXd4-vSkKIFIiy8tE5Mw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9JWXd4-vSkKIFIiy8tE5Mw
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
MH6ZQQRS3JDZBXST3DMX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9JWXd4-vSkKIFIiy8tE5Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 0E53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7YTBGBZ-M-KEIH&sigv=1&esig=2~0263cdeb1f38d8ae6510e196bcfe6ae82f55db6c
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7YTBGBZ-M-KEIH&sigv=1&esig=2~0263cdeb1f38d8ae6510e196bcfe6ae82f55db6c
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7YTBGBZ-M-KEIH&sigv=1&esig=2~0263cdeb1f38d8ae6510e196bcfe6ae82f55db6c
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0E53
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WTW9uipgQTqWLWIy7Q0wmw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTW9uipgQTqWLWIy7Q0wmw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTW9uipgQTqWLWIy7Q0wmw
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
1M2KNKYPSWWANZZDB0AY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WTW9uipgQTqWLWIy7Q0wmw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0E53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7YTBGBZ-M-KEIH
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7YTBGBZ-M-KEIH
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1E10AB1083384701BD468086E11A1199 Ref B: FRAEDGE1214 Ref C: 2022-09-12T13:40:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoewkwzez5lCAFrIXJ9Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7YTBGBZ-M-KEIH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 0E53 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0E53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlotTS1LRUlI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlotTS1LRUlI
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdZVEJHQlotTS1LRUlI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 0E53 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tag
p4dt2-980w2.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-omhdu&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&transactionId=fe171180-332e-4428-8978-2dbec9542e6d&floor=USD:8.375&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:db47:8d93:ff67:39f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000292
X-SpotX-Timing-SpotMarket
0.003705
X-SpotX-Timing-Page-Mux
0.000997
X-SpotX-Timing-Page-Require
0.000290
X-fe
029
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007372
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000325
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003705
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001748
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2256f7c5f6628a48%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261dc3c1f735dec0c59711556%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d2d52fd3a8ab2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%229ea11d20-69f2-443c-a884-e9461519b701%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.064%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb5744d7fb3f2db60096437cbff8f1f4c02007964597597c7e056124970f165

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGDvaZY2RMY5wZQ0MNtJ4yOiK9Beo9FibEXFpvlLa3ULgyU%2F2N7tswS2uBeeed8NNYOdXlxBbkUIYMzNq1IQW5QSjRnAb9QKYOXXwFdJyO6PHvTXrocyxYgXrm5daghiQk4i5HuG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfaa7990dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2273461591390ee8%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22611b4d25ee6aae31897baf0e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22833c669aae4d87%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2243907f67-f255-4a48-af45-dc8a90bf947f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72aaba90d6c4409be1a0fc7c47f24602a9e480ec2ae2a157f5fbb1d652d7f015

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pz97b%2BsDUSGH0XktnPdFv0Irdgsd5o9XjvC9SxTVkVsQZVF5IyArMNizwS2FX1dZifVOgnc2lAgI8be4p%2Fbg7FgM%2BO1z1qwKuKPo1dnZjMAqnwNpk3k90v3QEa8iYd8YTlU06Fj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba8a90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229507efcafb39f9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261c496f36a6245407a70af5b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221096a9ebea229e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%225d74aa13-1055-4dac-b593-8463434889e1%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
740eb48c82f04a10dbeab1b6a04d7f3fb2f9f918820b56854c775f67ce1b5747

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Feeh8SUxx2UIHjBjPR2a5os%2BE2RxS526Fktlu0Ud0mTYzmm1mbmvGN9gjT3Uxbkw59qlWbz%2BdEWcfVn6jF3UNqyK4N2jwScXNHamZav%2Bp6LAyiPT%2BNjE%2F1gCufY4RsBtXekUr7r"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba8d90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22117ad1cb780d7ee%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226228ab51aefe001d36464385%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22123fe3b3a737ca2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%223df5cc1d-1a27-41df-8012-a1cbcb9a5af7%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.03%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a7ac03dedb9826e0bba14684f3bfc1f7236cae3cec9805a0b80a57afbb3a10

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os46ncLd2%2Fc%2FaAHwK%2FL87hGineyEXX3PsZe1BuQUKzM%2Ftuygq0b3cymNRHWvvIK74jhFAL6RYD%2B1JfM6qO52PLI32gBbW0WDo1O9r%2BMTZ07dL7BF6PGyfWS3M2LepHwDRDJ7P9RE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba8e90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213545ca422ddfcd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22627cf66a975d7e1b9a702787%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22146d379b67bb7c1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226a3dfec8-f1f9-48d8-ac24-3d5834c4df98%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.48%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85fdfd97247aa0bee66b904cdd23dc9c4329d9fdf606992b6060b68976aff653

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ%2BY3Tb3wqyKr13F%2FEP7Gh8rbM0OfgCbzdSo3eq48oHpOFBfaKC4LEMRkhO6uhP3poMjduM%2B8sNE4tbXjmH5pr7KJo0B2nPb2nb6qurondfvNx%2BXK11qXldkuiT74a6sX%2BvWBB5n"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba9790dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22154dcf2aa70ce7d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73bd076b7bf32f6222ac4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22165fed22fe2b06a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22e1470f26-3ae4-4c88-898b-190418503a7d%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.24%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c3784f5878defef556daefe26bcfe64243a80cc7abce7586daa46c85b110d7

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=274j6yLaZvmXjLOCAPeRXjvdGhm1dek6%2FO1PxBCG5PeeiHGn1CZk2JH68eE6fYK5Im2MzoQlJj7KfyOPX5LIUpMNC9WMSTmR12fMR80r0HgAY535%2F%2BvHC4TVGbzHtS0DJlRpBEPG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba9a90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000336
X-SpotX-Timing-SpotMarket
0.003842
X-SpotX-Timing-Page-Mux
0.001085
X-SpotX-Timing-Page-Require
0.000470
X-fe
107
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007896
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000439
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003842
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001706
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2219b7b3dea28b85a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262022abd388aac14502b5b97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222090cf55ef332b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22707d80cc-b966-4eab-86e3-9fe58ee98bd8%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.41%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6bf5d76ccea6eb68a5b23b04d0f7e4feeeeef5c9a59f550b0033ef7b97a5b4

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQSzSs%2FhEHLbW8Zy603Z%2BZPbR04YeHBLi0yXvN3X4oVQaMKygFweLtKJOPRb0EoXFvzbex9rg8QOTp9j7i1JmfYMUHc6RqPCf4IfB9pebL14BHKXsXUnfEjWQMqGmxqE0pMfTpSk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfba9c90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22215dfb10f50f104%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22624573aa8dff10769651b304%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22222e4eb9c6f534a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22772c6e79-e45a-45d4-8a4d-e99860e0e35c%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.18%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c450d31f38572a61737677524043711fb9695e77e28ec72c60a88089e05d4ae9

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDlR1hGp9sO7%2BJiA1xhBH0d%2B8mgP%2BBXe19Isv36LaFhn6NV1Ivb5RJlJujDGAa%2F3a6cmxFE%2B%2B0dPkV%2F%2FhLHkhAvI71o6YRA0q0W5VAgQhSylhZIDZfXbcUXQX7DniPCbmIkY33vO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfbaa190dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2223f3026d016ffbc%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22621cbafa19a7ef4c74210e0a%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22245a02870e9c7aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22a17181c1-e791-46be-a1f0-89cf0d8d2dd2%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.81%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801686257b6c40d5ddc142052b4606aa66f470ea4b4ff7fa5e93d4f43aa06bcd

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FJazm5drZ6xXQ8VSh82ZBYla8S3PHV0hJZln3ILLpXZy7%2BuxkhnBNjEZvKsxfk4BspE6Uqp2Dib4azOg1bLZyaF2MwGC96ddRfpar2aTgHO4%2FcnBUbbaOVVG0%2FLPCJBWT9VFAEF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfbaaa90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2225e8d84883b1ec3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce3dce6572205164350b7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226b957a2171a699%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%222e071290-f44d-4b58-ac66-574223c5e760%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.08%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641d072a7f3d83a82893d6282ab96dc4b45e94445d5c8da5d1eb23482c8d8701

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FnkjWbJgj9VcEaNpjnhW4eakr%2F%2BURtL1Rw8rvFgjZcyaF7zkidI0%2B%2BNQzRbDe2TMhdUNnMxsRkatMHF3hKZMZpKGiQY3TPRKKoJeTVfEw5kMrmvLbjVJDMdV0u1GIXHB7Q4AaA%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dcfbaab90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000343
X-SpotX-Timing-SpotMarket
0.003838
X-SpotX-Timing-Page-Mux
0.001274
X-SpotX-Timing-Page-Require
0.000345
X-fe
041
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007879
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000387
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003838
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001664
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000025
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B9EB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28405
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 12 Sep 2022 21:33:40 GMT
pixel
cm.g.doubleclick.net/ Frame 37F1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 37F1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 37F1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9N6BNEZJV2JYCFWYNECK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
VKV42RW3PKY0GCXTW2WX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 37F1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx82v5ge6IqyhHPwa4qmSQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMiNBVSTiAJoBYDxjOR3Vgo&google_cver=1&gdpr=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMiNBVSTiAJoBYDxjOR3Vgo&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd1ec8a9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFYWFjuoOTV6Mbxw0MpGqBmYos6DS3U9OT%2F9vk7wvHG2wT7IumyL60RUXM2b2F62eTkR%2FFlGUkBS9t29gNSO4%2BUZfDsvlLJUj6sDg8Nx0u9wiOhZYGqE7LtUCCJyGkTH6bXNI2VX70UBXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMiNBVSTiAJoBYDxjOR3Vgo&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 37F1 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:15 GMT
content-length
0
server
a
getuid
ib.adnxs.com/ Frame 37F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
getuid
secure.adnxs.com/ Frame 37F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 37F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e87a631f-36be-4f00-850a-dc03c98b21c5&gdpr=1&gdpr_consent=
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e87a631f-36be-4f00-850a-dc03c98b21c5&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd0b8ea8fe8-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fn2Ge0lFjRopbENa%2Biwpk%2BHe9usoUJJRy0X31hoWHR2i9taRktHYEcsD9k3qWvr9oBhFBQlorUtx4k87M0X%2BsTGo%2Bewbei8wgg%2BefTewXqC1OYVqFs%2FLqKZjvptqtvfKBSzx6SarblLSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x32 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e87a631f-36be-4f00-850a-dc03c98b21c5&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 13:40:15 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 37F1 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662990015432-982903183926-007218-003-006309&biddername=42&key=Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662990015432-982903183926-007218-003-006309%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-105-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame FC73 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 070A 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Sep 2022 13:40:16 GMT
sync
eb2.3lift.com/ Frame C40E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Sep 2022 13:40:16 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F40D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32524
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 586501
X-Served-By
cache-lga21939-LGA, cache-hhn4057-HHN
X-Timer
S1662990016.302508,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame AF97 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8D9D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 834E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32524
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 565926
X-Served-By
cache-lga21939-LGA, cache-hhn4028-HHN
X-Timer
S1662990016.302893,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5469 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32524
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 585709
X-Served-By
cache-lga21939-LGA, cache-hhn4049-HHN
X-Timer
S1662990016.302199,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9443 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32524
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 586527
X-Served-By
cache-lga21939-LGA, cache-hhn4053-HHN
X-Timer
S1662990016.302282,VS0,VE0
sync
eb2.3lift.com/ Frame C7DE 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Sep 2022 13:40:16 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame CB83 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 4AE1 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: dn0qt3r0xannq.cloudfront.net
URL: https://dn0qt3r0xannq.cloudfront.net/triviatoday-8NZt8FLGX9/braincandy/prebid-library.js?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 12 Sep 2022 13:40:16 GMT
integrator.js
adservice.google.de/adsid/ Frame 6654 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6654 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trivia.braincandy.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6654 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2323655136479784&correlator=1025013699662514&eid=31068929%2C31069184%2C31069331&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=39694909%3A151404300%2CDBV%2CDBV_BrainCandy-HA_TEST&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x250%7C336x280&ifi=1&adks=759317598&sfv=1-0-38&fsapi=false&prev_scp=pitcSpotId%3Dsp_HQI9uHrd%26source_version%3Dv21.6.0%26topSpotId%3Dsp_HQI9uHrd%26source%3Dpitc%26pageViewId%3Df46770ce-0b86-42fb-92f7-fa9a72fca111%26isStickyAdUnit%3Dfalse%26slot%3Drow1-column1%26assetGroupId%3Dstable%26hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=5&sc=1&cookie=ID%3D4d0883c8da504b63-2284eae41bce002d%3AT%3D1662990013%3ART%3D1662990014%3AS%3DALNI_Mb4X69gfRbTo8EteRxfTlD5xf-rLw&cdm=trivia.braincandy.net&abxe=1&dt=1662990016224&dlt=1662990014372&idt=554&adxs=248&adys=8073&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=czeol6ejydb6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=trivia.braincandy.net&loc=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&top=trivia.braincandy.net&frm=23&vis=1&psz=336x280&msz=336x250&fws=260&ohw=336&ea=0&ga_vid=805242697.1662990013&ga_sid=1662990016&ga_hid=48830909&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bb7aa64dcbc91767d034c02fdb2443dfeffb3c0b69b16b9cd738836de5db3fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
149842
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11845
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
209947
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6654 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cf8f38169b7cdf62621a4d7c98224d425da2b0e4ffc608a7d5104cb52b6669d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11103
x-xss-protection
0
container.html
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9904 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:16 GMT
expires
Tue, 12 Sep 2023 13:40:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 5469 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
12777a62-ea11-41a3-be97-2f57d72b06a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9443 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bce2f7fa-fb1a-4e0f-bab3-6ba41c2aa76b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6654 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 13:40:16 GMT
async_usersync
ib.adnxs.com/ Frame F40D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aaa77ef0-ef5d-4dc9-beb4-7f80b7cd6c31
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 834E 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
46d1b5dd-1880-4d98-9af1-36a606a0b458
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3E84 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63fe0e8f1173c02d56f90ff65606fa25f7fd8dee8ede033819e9f1cfad520f96

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd2effc6933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:16 GMT
dropped-udsids
73|206|4|88|190|65|17|57
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpAMcMdBdmaqw%2BFvWM8D4ZVUnfQdQFOZTw%2BeK%2BElpuQZrTTM6RHtp4XjRycKeX1JOHsYnFdoGQfiznJ8%2FXpST6%2FI1Cc0aF9P%2F1XJUanL2ysuXbpoiEM8LfaT8sxRYzpA%2Ba5XSDA24wjiuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame BD7B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41259c874b7f0bce9a2d007e76a2360f68ad1c5ba093116c67229a1762295acb

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd2f80f6933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:16 GMT
dropped-udsids
130|64|111|81|24|206|4|230
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8EASOOyx91ldC8V%2F2igwnhf2bYOIZGHA7tvx7RtAl3BUfbLn7013BWhhGcKYNa8fiC2xf5ujZmuGlj4rI0jh5lmoNWYHnXTVagmi7ed0L9tQ%2BkJz6ZMg52kdmw3ffJuSyVjdmNJDLl4rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame DA6A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc029c3e04b018d13bdd586f31c9ea1ea3cdfa2cd4820b280d76226395ad105f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd2f8176933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:16 GMT
dropped-udsids
130|111|81|64|188|8|5|10
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8dOcmEKuWt5fJNYk1Fr9wdmMoxg5FafahrsK%2FLw11Uz0QjhG8E3e1WVxA0gnyPx8CquZgpF0L9DwdqsVhB3CM%2FvIonQWfAOxkhT65SG9dQXB8%2BocRBww8oyECtE%2Be7gjS0NSgh6XQZnpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame F010 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5ea6ea207d004879bf609754899016c502e09ca1868aea8e6f9fb09eb4ff55

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd308206933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:16 GMT
dropped-udsids
90|41|105|47|196|195|218|26
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s7TaH3iWjuvHFxlSEKvMSfe1VgGlKwfTHNLjDHr1iNpUU4iGkjpzLj3AtJtq6GcVPoYO4j8AtQAqQX3tCHb8dHVKGLmuEM9Rbmw2mBR8h2YSG61V8f4ovjlV4psRBxl86e53yBHk2PA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=trivia.braincandy.net&rs=trivia.braincandy.net&sid=9619&t=1662990015&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662990015432-982903183926-007218-003-006309&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=61639838801&d39=&d65=&apppkg=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=6284bb0d2f143523756080dd&e=request&cb=1662990016498&asid=627cf66a975d7e1b9a702787%2C61b73bd076b7bf32f6222ac4%2C619ce3dce6572205164350b7%2C621cbafa19a7ef4c74210e0a%2C62022abd388aac14502b5b97%2C62723804be4a590dd848c288%2C61c496f36a6245407a70af5b%2C61ba19723adbe351382564d4%2C624573aa8dff10769651b304%2C61dc3c1f735dec0c59711556%2C611b4d25ee6aae31897baf0e%2C6228ab51aefe001d36464385%2C619e33605e94025d3d427cd6%2C6135e52135e75e007f36c34f&ofpr=2.48%2C2.24%2C2.08%2C1.81%2C2.41%2C2.582%2C2.35%2C2.19%2C3.18%2C3.064%2C2.05%2C2.03%2C3.57%2C1.95&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000354
X-SpotX-Timing-SpotMarket
0.004331
X-SpotX-Timing-Page-Mux
0.001202
X-SpotX-Timing-Page-Require
0.000601
X-fe
061
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.008859
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000492
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004331
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001854
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000020
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2231a4dfc40f0dcf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226228ab51aefe001d36464385%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22327fc7fd0259c69%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2268051dc8-2766-4ad3-82b5-7aa6cb114b63%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.03%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef203f9058602086c01a81b2ac4dabd3c68eed1b7ef6138176347f9e04aebb1e

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9j45njHpb%2FXNaj%2BhTktqPiL0Xq0xWoa5jU5yHrIvGqxTMP16AQeGWxtsFLZdDWqBFDVjAAzVqGUZ5rvSAnuLP2RTS3EWNrk13eGTatIR71kWiCEXT5GflkPeUN67X73gxBsqVch"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3485890dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2233f08d08572ab99%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce3dce6572205164350b7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22342e131f42b35b1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22760da00a-174f-453d-aab4-842eecbc0eed%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.08%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563573badd86b43fcb69151bfc0b244fea273c0431945414ae6a63a9a51e2dea

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1i7801mryLi%2BVIKFFgtIoFbjTzUIGUkQi2Z%2FwE7yOP0WjlJ%2FtyucJvS7V5gpdQaAslLTt%2BIbhriM%2B2lA%2FkqB9H1qqeGSPS7M9UO6FE6FsaNiiuOFLkyiDCSFlm%2B%2F9csLX%2FOAUpC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3485b90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2235858bfeb62b0dc%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261c496f36a6245407a70af5b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236cce6e6cefca5a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%228501142f-003a-4e09-8043-4d01a45de15f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee96bb6aea84e17b4b9b02d725c2af85fc5b71f599bc7e342ba2cc53fc84b9c4

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57dnShIw1xj9jtIAS%2BwaNm3Ryv8KQz1v55dU4b99L6OSNq18SYmc4AL42CsHR08XFuKpEjJFMYd6alvKB7yy%2Fi%2Fk96V26NNOcePO97sXwA6RufXju4qd5rbv2PHtiSk1V%2FHwWeDR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3485c90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000283
X-SpotX-Timing-SpotMarket
0.003567
X-SpotX-Timing-Page-Mux
0.000864
X-SpotX-Timing-Page-Require
0.000400
X-fe
112
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.006759
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000312
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003567
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001320
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223902bf2ade9cbc1%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22611b4d25ee6aae31897baf0e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240d3f980a357442%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ee597bf6-f5a4-49a7-8f9b-82f227765088%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d84024c5ff50153c1f52930a619cd204f7c6ea2f166529dad57a5e64a1ba588

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hYuiFLFQ81kswI5K7C2FAsvoPpzMRSFhfLc6zLzuwC0I3eANrWx2HvYLzzCuhH4uC1tsAuRagSWiKD8ErwfWbRE%2BsFzjQoXPV7OA99XHeYpvkhB%2BRHsOZXHCMBaITKY5f3ub%2BgP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3486090dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2241e98134718fed3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22624573aa8dff10769651b304%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22424c572eec5f0e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%223f776a13-f102-4761-9554-e857037c1f3f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.18%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f3aafb5879031f2a79664f7d6dd36fca8df9fc4fec2c09fbbfa3cb9a53d0e2

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNupWFrivnIYiTsLvxqsZ4T5TeiWVohpxsrEozF2vvvlTGCFytUXR4IcmI6igpRkcgupK%2Blyx0%2FS%2BKyoHKQCRvR9jS4mOx6%2BATyMyCAjg0GcOS%2BD8jy07ZYE1sDWu%2BR24qA7STS8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3486290dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224314744563441a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22621cbafa19a7ef4c74210e0a%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2244a877e3e0a948f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2267e1e74b-ac1a-4902-b186-8060ba8ab2cd%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.81%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b1af42c75126f98bdbb0db5fab30be396912a83756d2d5c2e080febf967a60

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NbMrVlBBpG1pyIIokon%2BApv2VxU3FNnuvxww9%2FbgxwddXeGnCJtkfjM%2BiOoQqD%2F3cApVEXjrBmuyOiP2yFmmwR0uBrft6jNPn8HSr8tjy2ZkAN1LvPckND4747Rj%2BSzAPKMaWnx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3486790dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2245694407aa8ffe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262022abd388aac14502b5b97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2246553c2d281f53c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22898cd811-b009-487c-b155-d9dde2635e60%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.41%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c27b3f42c35a124e99cd62bb62cb094783a5854b2d147d6443e5a97b2da93ed

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2Csm92nrP3MjYVP9csVSC7oCgHQax7MTWc6zICluaHNldiuw%2BtENHiK1gNAq1GmRU8sukMfT%2BdhXkwPaCRRZzhZTUjOrMXb18%2BxNovOsUvAEN4rZpEn8nN8jVHtVME7QEpRNjyD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3486890dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2247b2318d1c93736%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22627cf66a975d7e1b9a702787%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22480fff95d1e48c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226c2ce7e3-30c1-4d00-892f-3877b32eb14c%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.48%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676273f78c354de2f0c23f889c03fedf0a51b4d055b1099bf5f79e6a5ff170cf

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbEGanoKlUsVvedBZ%2BPhg%2BAXxWtjdiUcgbn93n7%2BN0ymm57gixrQcFTRpK%2Fjmq2tC%2FidtvNQV1f%2FCPm8GUF5uCbfmb1gWQsRsW%2FYZFqJ08oBrv1QyyfJfhXTs1vF%2FyZcipnVUNvo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3586a90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22493d4981010f8e5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73bd076b7bf32f6222ac4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2250c4d9ddecdfa0d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ac719174-20d2-409e-94df-3f00e09b4666%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.24%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e2ab6e171ba702177b97049b8d02bcf9ed9f819d3d2bb55b2e6e3473849ee9

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S14BHnwVPUgKVjjYusjSEf%2Bko5IEuqi8mrPSvZRaSFJ%2BnQdAfS89N5fbQ7oMyU0Fjus0ebDpjKCbov%2FGL%2Fitd2oz3iD2WNUasZLj3EnfM4LkbAWRZrpOh9WvraH%2FDU%2BK9HNIbIKQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3587b90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2251138ec9d43dd38%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261dc3c1f735dec0c59711556%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252a25f3aea108af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22c2d94ca6-41de-4077-a56d-ac6bad0b1cb7%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.064%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ee99d8fd2f093eefce822a202e9e07b0f3871a8305eb4469e117796bc537fb

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vix09HRKjsbj8pTRXjqnDCuC5G1pdVnC%2BfK7phEDlhETLceSM4w2LIMyLhoQ1Ft5E%2B3GxV4%2FWsSqdbbu6S%2B3DPWIgv2J3KFFJy14FmRstzxTcEsiLEiT9h8XbJPQRSlg73zUZNKb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990dd3587e90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000298
X-SpotX-Timing-SpotMarket
0.003886
X-SpotX-Timing-Page-Mux
0.001150
X-SpotX-Timing-Page-Require
0.000528
X-fe
113
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008650
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000451
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003886
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.002317
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:16 GMT
X-SpotX-Timing-Transform
0.000283
X-SpotX-Timing-SpotMarket
0.003829
X-SpotX-Timing-Page-Mux
0.000897
X-SpotX-Timing-Page-Require
0.000494
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007398
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000298
Last-Modified
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003829
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001583
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BC2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4380
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 12:27:16 GMT
expires
Tue, 12 Sep 2023 12:27:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B9F4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
246f756556a838ecd33add27fd3b5f5dbf785c4b93d9063ea48d4a01ba7b8056
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--NlrZmBQqepRPJCG3hz99w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--NlrZmBQqepRPJCG3hz99w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:16 GMT
expires
Mon, 12 Sep 2022 13:40:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3E84 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1c03:949a:3875:f724 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3E84 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 3E84
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3036409443098168304
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3036409443098168304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd529c39b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQTYojjHZvRI%2FaWptmlbVuEJnsWOdeC6fl6dJeo6oBR9sfpW7HYT%2F6AuF6fZ9p4qRoRSrPBRhSYT8ze0Zv8dhoWBEHqlcwUcnba7E6QjjV1s2421avj%2F7sc5Fe1tG77r4jUYdh6YFXjSfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3036409443098168304
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3E84 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662990017.768164,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4075-HHN
getuid
ib.adnxs.com/ Frame 3E84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 3E84
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663076416&gdpr=1
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663076416&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd64ba06925-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq7pnLvhdCP%2Fz2r15l%2B4wuGoWQ66g8ZkWJHKZNk%2Bt%2BdBOi5kpw2Rz%2Brjjwm3tJK4wLdU%2F9TucM1NxfjY59JHsm96aYCbxfyseUSg1IGP%2FRjYzaq4YpQfHb7XRSNN8HHGhjprN2cu"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663076416&gdpr=1
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 3E84
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd4e9489b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvTCpdn6uu%2BwVMpaCObWKoSCvuFrwrR6VpCF9KtFGw5iiWmL97RhHFFBCcnJJAB7OkoeP1o4dBuFK709xwQ7tIrh1V6H1EXZWPk0QN5mI9fAcLpNT9TPKY8tr%2B%2BqwC0hhBcBelnvcEmxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3E84
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196423217607265
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196423217607265
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd58a5d9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFKQy3d2LxAmmirrYEVF4CHR1MDQYoMb2OujMwsYQUfSrcGwfS5lsgFu9KBjp4BXBV0j0rH2J0zctFT1r%2Bglp3Ky9gVXkjrKfyKAWQzfd0hNE4XVc5SfDbWJSh2udxtQIVfIwLcqknbVLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196423217607265
Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3E84 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd4ce55bb67-FRA
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
193
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:16 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame BD7B 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.154.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-154-120.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BD7B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame BD7B 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame BD7B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd448279b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfvaWu53BkNXsz8t2FkkGK1OXuQDdyjFwTkuNHLDK%2F52nrLm0VSYHRO5PQh5IdXjgOtJMkwiEQy5qEg6RopkIhagBSBsIsBrN0cWoD7RM74kmP36l2DmRDMzZRWdChe0z7H%2BLaWKAXlCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BD7B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2032ee11-ad24-4b35-83de-49d034da406f&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2032ee11-ad24-4b35-83de-49d034da406f&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMPt0g8tKigbZEHQeZg5tPTqC8f5Q7kHaEy64CQY4OZAIMLk%2F8lrE3U7m7klb%2FExcpvWpFeMtatkZXG4PtlNxe8l8NFWFWgIV9ZIxHTA%2FYV84HcrEQR%2BQZCak1W%2BT5BltYJcod5XJ0z75Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
74990dd5199e9b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2032ee11-ad24-4b35-83de-49d034da406f&us_privacy=null&gdpr_consent=null&gdpr=1
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74990dd4cb1f921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame BD7B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame BD7B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3108467037136096240
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3108467037136096240
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd529c49b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm7aHONpLHLXY%2FI%2FMsGEzCDDgBvEEgbId4YsfnjLA5n95mk2sIeo%2B2v9qIumB6m%2B7ZLGduF21GeXhDvZAyd8wBgxZYT%2FWVPef0w6LMhW%2Fm5fbewk5wqKKCcWPHzaRmGWye2V2deQW4NonA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3108467037136096240
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BD7B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame BD7B 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd4ce59bb67-FRA
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
193
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:16 GMT
container.html
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6811 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:16 GMT
expires
Tue, 12 Sep 2023 13:40:16 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ie
match.prod.bidr.io/cookie-sync/ Frame DA6A 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.154.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-154-120.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame DA6A 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame DA6A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd448339b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prTmWBCS014rx5UvV9rgloMpAfLljy7gjEqg%2Feuj18kzNckhFdhGIyPK5Q6upQIZJkzqAWalPrBZLREctqFztgrpNpnLAVFZpdP%2FjMrkoBtfpUu42EBc02GWW%2Bf%2F8OuB%2BDPXlhxkMn4sSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DA6A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieIndex
rtb.adentifi.com/ Frame DA6A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.85.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
crum
dsum-sec.casalemedia.com/ Frame DA6A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dfc364dd-7eae-4624-8c0c-fa874c3378d3&expiration=1694526016
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dfc364dd-7eae-4624-8c0c-fa874c3378d3&expiration=1694526016
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd69c489b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYn5ACGalK1rNSjLoFlBDatdofdxvclNauehbQ0mwJtVJQgoUyZhmh1tMV5CFCDnEz0uvt9KNdapZsi158ZBETvTlbWO0XOKy4P9OeN7j%2Bb%2FRjMpoQE8zragR%2BfBo0lz0VxkxMJ4wxhavA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=dfc364dd-7eae-4624-8c0c-fa874c3378d3&expiration=1694526016
Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
ix
ad4m.at/ad/sim/ Frame DA6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame DA6A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692401733433
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692401733433
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd519939b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrTvOo7LseUOYFPODflKI6pNgJtpG6oMKaSy9YPvTCLw2tmtH2edkZxlyhHO88%2BXm5tb%2BFmWD%2FY91myIrd7bQC5gQ32Nb6FB1DhNuR%2FpZMmULzqsuFQujReU3siASXMEEagvb1aJmNwqNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692401733433
htw-pixel.gif
cdn.indexww.com/ht/ Frame DA6A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd4ce5abb67-FRA
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
193
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:16 GMT
mut
ghb.adtelligent.com/adunit/ Frame 858F 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19247/hbw_master_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.deliveryapis.com
Date
Mon, 12 Sep 2022 13:40:16 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
no_match_opted_out
um.simpli.fi/ Frame F010
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:16 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 12 Sep 2022 13:40:16 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 11 Sep 2022 13:40:16 GMT
bridge
cm.adgrx.com/ Frame F010 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame F010
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd5fb309b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHfIfkmVGD07USZ9JVPXGDNHbXcFw6Al%2BsEJDjEob2JboTrsdFjnuoqVESM%2FFFPbxkSdUOuLwvw6UAbEHHJyDxwPUzH%2BwH9L3bS56cc36SaWl4A7ocoKo6P6%2FkKyxv3VyOkRdcOlTU3nqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 12 Sep 2022 13:40:16 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame F010
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd7febd9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvO%2Br3PqnV7fndj5cwwkvmcz6fvbfHfHkLxQ3KkMRwb2X%2FZ2AvLid6KCZyqc6TvXeRzJdH0JUXICcquT6l2I2bXnK%2BSWwFipEnNNxvbbr40wL8JqGmvjHJ9euw25EGpmxMOAky84GxGBGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:16 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F010
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd5fb329b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iYYBuK2XoLes1X3myFeBZnJkWmY8CqSnCxtKs1LFsvg%2Fy%2FnIVgLhuz%2Fy2LD7WEI1LQj%2BVJwPxTxnBDcJOkbaJbJT8shtP9JmgIncuCUOs7mQtH1X9LM2sbyVKZvy8yRDVBcqKT3eKFkZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 13:40:16 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame F010
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13ce7289-7330-4681-8d48-8418dde65352
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13ce7289-7330-4681-8d48-8418dde65352
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd73d649b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSLFani55geCHSDwD0sRNX1%2B90OiHKnmD%2FCQp9LpYULK95JGvDRPlPkUWI5%2F6sr42r%2B12WITqL6%2FjvMJJ3zr6R4ztL2evt3Hbba5bp5P7MunBlGPEwvxoTUaIFci2FnihgOVM0bayKirGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-13ce7289-7330-4681-8d48-8418dde65352
date
Mon, 12 Sep 2022 13:40:17 GMT
server
Apache-Coyote/1.1
content-length
0
ibs:dpid=23728&dpuuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
dpm.demdex.net/ Frame F010 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.100.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-100-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
/
sync.taboola.com/sg/indexscod/1/cm/ Frame F010 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40385
htw-pixel.gif
cdn.indexww.com/ht/ Frame F010 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd4ce5bbb67-FRA
date
Mon, 12 Sep 2022 13:40:16 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
193
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B9F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=2323655136479784&rc=
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 1BC2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 16:56:45 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 6811 		1 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbffd580913c0d2908c6bb95e3efba94c3314b45a5504729b9170ea27a976521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:45:31 GMT
content-encoding
br
last-modified
Mon, 12 Sep 2022 12:02:55 GMT
server
AmazonS3
age
3286
etag
W/"fe8d420cf4acea89d79d71f730870312"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HmD9cfl0ahXqrlpS1AEMq42cVsBrMxzE
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-P7
content-type
text/javascript
x-amz-cf-id
R3dfzupxwCMfLP5UAiptSvxHdbGpOjRQ8uD8IyBYA2FFNffpqfTqAA==
generate_204
tpc.googlesyndication.com/ Frame 1BC2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-kX7ag
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame EE88 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 29E1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 13:40:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 67C4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc946d218eb2b241e5f48c6106a096ee8517edd6e0db48d2cb3e72aff98275d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd6ae966933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:17 GMT
dropped-udsids
123|11|18|156|218|17|64|73
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9g5H6ZF3mt5SMhUxRma4yALJrvDRAwgeNQkB6spcV1I%2B%2FZ%2FNir8pm5%2FwfJJG4eZvNZb05TooQUwe1Rddd5x3qf%2F74r7sp1Nyl3NcYgxPjf2b681k%2BkLUnPIOBCRLGJFFNsN3VatHF%2FJRKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B0AA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62258687fc3580d55992b36e63209bbeef5c40197ac00526dc4c131efc3233e9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd6aeaa6933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:17 GMT
dropped-udsids
123|11|156|18|241|47|73|40
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpcSdMHVtG%2FuRH9XlryJY1p4XIBINCT6ZK9RVeSOGMw1LkIujLyeliHGQSezMuLJweEEGhQDj%2Bq8oWNST55S1UGHgqWrzYq2CKkbFqZ09x8%2BdK%2BsaoF8h0WqW8sQA0NqjMoc2wy5QI58Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
multitracking
ghb.spotim.market/adunit/ Frame 6654 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/x461941/hbw_master_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://trivia.braincandy.net
Date
Mon, 12 Sep 2022 13:40:16 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
init
gw.geoedge.be/api/ Frame 6811 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.20.76.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-76-38.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:17 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6811 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjNkKwDYfY6j-EY_hx_AP572S8A2eoaGuXKH56P6fA8CNtwEQASAAYJUCggEXY2EtcHViLTU2MTYwNDYxODc1NDUwMTmgAafKkKcDyAEJ4AIAqAMBqgSDAk_QK1vADYclQykKZuGun-KomIAeA3c0eq6ssEJpiv9HE_VaV_Rg1cOArAC3b8XGOdHp1Qoj9xBy9lbRSUxGZRpIy8CCL6SCPnRdioyjma_-Xt11495owHf5JsU9xg7VRKdJEUjOLq76_ZnQZUTTABJL5s1-L9wiCpJJ41KHDgfhyXTQec_XxDuDYceBg6MnpkGpYRPnbtkiYj-mbU0VakTCACAclu0YR4qLxs2_Dlq_DQY8Rv3ggUCIXZC4owmnVDCkm9prLdxUUjb04oppqR1QRa1mGALVk1iU4CQAVckkQJef4jHa8BJM00VmwzpaD2gAEitJ3_05wizGFA6pqXMoKmXgBAGABsD4u7TBvvb9AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTk2NjU0NjA1MDUxMjYzMDWACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTYxNjA0NjE4NzU0NTAxORj1zB8&sigh=E4PHAel3Dlc&uach_m=[UACH]&cid=CAQSOwCsnQUxdrRX2SAbNBZo3OMR0GFaagVC2B--kY_kDVOPsfhfJcetDGiNTVM8b2CLfs4Sl8511YKimFGmGAE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
dr
as.ad4m.at/ad/ Frame B175 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec598b3ed8e6939ae87872e14395bea3da18043e2509725c78b967acfd6ad807
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74990dd9e8196922-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame AED3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cd17fec2090468dc4b4951f4534887e0dc7c29683908b10a6976ac68908114

Request headers

Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74990dd9cc626933-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 13:40:17 GMT
dropped-udsids
51|31|13|152|130|111|18|5
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6hJFXyvEOyDBpDtNF%2BnqHyIoqO%2FBaALePlxnVRzxL2FxX%2FL0IMGNu5JeqhCnVHBh8siBMj5WmieHwm8YM4f4%2FjvXMJyZRs0%2Fd%2FwTqROdIuhk9tYf3eWuDuGN4QRxmrb0sSge3xugxvXBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 6811 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 12:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 12:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA8F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:34:57 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 10:34:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6811 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 13:40:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 6811 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:31:24 GMT
l
www.google.com/ads/measurement/ Frame 6811 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTii7ujEJGCnb6txI7HYCELMYFP6_0HNzdi4BE620fNTC8aLfcy7I_CDnvF2tsTeuw5nwOSKoVcGmb-lFhf3JfbzerneA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6811 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 09:18:57 GMT
v1
a5291.casalemedia.com/impression/ Frame 6811 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5291.casalemedia.com/impression/v1?bidID=d0c89a12-3bce-4cce-8ff1-7de03aa26dfa&traceID=ccfjdg7k0jno6pp12mj0&dspID=5&userID=Yx82v5ge6IqyhHPwa4qmSQAA&cmpro=1219&deviceType=2&expiryTime=1662990616&ap=Yx82wAAEfygIEfCPAASe5-9a5-IdmGv8vKhjBQ&siteID=354770&creativeID=1724466&pubID=189478&format=banner&channel=site
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.61.232 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
winResponse
prod-rtb.ad4mat.net/ Frame 6811 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jbh6sw2pyz6w4s0xqsnw9mp6katsn0fshffkp8gczwd4ew1f864mevmp5e2avx9z1pxsfp85bg66p4djb4kt434ne5bdwpdb3j8rn4mng8f2w13znw3kzfa6f428s93mt1bsn5ewt5crzz5y61rb9nqfd37kntm8e1ce3bvn7xekvmb2yn6c0pyt6kda2seax4328mwcsxpwcj14ddad9k1dt1wwzwsgb40123xjrc6kqg9vh4m9zrjx8b3rc1pcq15he5yrr0f86tqtbx09ffamhx62gp3fqmh24dxfqy0jhegdnchp0rzf41f9zj3ygb58tpap046m37qdcc2ba55myvtjk0kh3byctma1v1ggnr9dnnhxwn6cnvvwp6waca5e9v1gxbyb04t4rp9fw42txwdvqqh9swqgee75xsprn5j3gfc42bh8bg7tye8h3kje&b=Yx82wAAAAACzY8SDwghefhUQFMJI6I0w9IMh4Q
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 6654 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 13:40:17 GMT
async_usersync
ib.adnxs.com/ Frame 5469 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e936d2d-4797-4aaa-9c36-4424104ed5af
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9443 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b95acc8c-71e4-4b2e-a54d-24a610809dbc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F40D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
01031dc4-fd4f-49a1-8571-65f5743b1d10
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 834E 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5614b508-adb6-4fdf-8fda-5ac4aef3e7e6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6654 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=2323655136479784&bg=!3t2l3ZnNAAZTikH4c4o7ACkAdvg8WoiFv-m2-xt6rIBrXVgLq0ah7n-OquL8MuE0WsUX0AecQylRgQIAAAB1UgAAAAJoAQeZAxBAy1gz-L1Rzhi6NlW4-rdhdQYOphGoaSZRqCUhTUyfzC5HMWdyMbLiSf8LLi9f1EzZSUPlZMwwh20sbyH5EKfTXt5JF8bnypQZ33xb5C2fODyS08u_KrOgHDFroKrveT6fy_NZSoGngcuqPJmC9nf8WqrnA_zt70T-PGAjPQaw03mJN9XqpisqCGSurMmczWUFzxd-It_QnrtJ8x3u3zekf6bv-URbApgikbnlVbd4pJ9kdjAzP5Tna93BvFC4znhDMdzLAu1cFelzJ018O7dWlWL9T-MG8nxRj0RPLgNM1yVkBzIoB-momW6DZnQTg6jvkbhBSU8wlhC6jfRckNPaa9xYYMssU2X9s1wRHUzSAdkYf_hLZAztH-C90B2DXFctJVy7lY5Y26EzB-NFgsCdPCObmAvFTSOAzWHiS3TTz3QFuRvBr-rMovXrvriQf6ekrDK904lcBwKIJrhFZ-aVAXbu-RlevMzfSZl5XLaMT6KDpxGqraBYsHSzOwNVovJhPTV6AhTWG_Or3Wi9f8sUf8Q4vTGIVPVSCj9qRoTQsS5Gp0Dvmh7hzZY85y8jK9Wt0mgIe8MlElLZnssFzGf-ufS226r1QQtMIQEikNmJoaKV3Mx99D-j69kIVD-f2YzoCFPN0AJC_q1MH3FPvz5DOq6pRDYY6g-pDsITuTHH6foKHRFFpWNaIcZfoOaL-b2fEAbA09tZLekhIclCLM8cQ_ZRT_cYjnYvWr6ZgZzjqwyyORY2vMrbfiyb74GWAtjfUi_KFojd4PJ7-K994hvEhaqO0FRgr8RVvygcde05f6n22oDAeG0FrdBvRJq97pa_GUmMIyDa3NjfRhubNMSmKiQ7qx00lOO1SVLNm04lcKTGi8HYUKsr_54pTpbTQwlwKYTPitiTl2WcJT-4SyfIrrQi1nvNqI2P_jRglqTG8C21xtqK7BvCuWTZAsbPOPWGt2I-uTvIuu4hOKC72xdja2AKBUskMlkiHfixaAfiPt4JIdEn3pcfYGTA9w7aBnun5bGUvoRUfopah_lQinB_
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B0AA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=c0vclX78RgZhg5_QdxcvZlD_B2o
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=c0vclX78RgZhg5_QdxcvZlD_B2o
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddd4f929b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJvIgItr%2FCf%2BYSxJPDyxUdr%2BeQUmoPlpdbpYWoe81E97Fi%2Fy7AC0dowD3JiDl3PMnBkp%2FFJltX60W5WRHcRjCEXWCcdNh1eomMJdpY78SBA5VfbglulGu%2B0CAlyg6uqRXJd9WKYaFjunYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=c0vclX78RgZhg5_QdxcvZlD_B2o
Date
Mon, 12 Sep 2022 13:40:18 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame B0AA
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d991e3be-3945-40b7-bfc9-5549a4ca01ef
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d991e3be-3945-40b7-bfc9-5549a4ca01ef
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990de61c779b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OLmW2UIa7gVdhvQicq3Tz%2Bxx4fuh%2Byx%2F4V%2BzLNxz8iM%2FOIII1IrvEUgsiHJr6WePAGUt7nfFVv9Ixj5UtnZ63Z3FcB5HO%2F%2F5sc84OFPw%2FHM4%2BY5sCXGnu%2F6HN4p2kegx0c98hqAk3e03w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d991e3be-3945-40b7-bfc9-5549a4ca01ef
date
Mon, 12 Sep 2022 13:40:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
cookiesync
bttrack.com/pixel/ Frame B0AA 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 12 Sep 2022 13:39:48 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-type
image/gif
content-length
35
expires
-1
crum
dsum-sec.casalemedia.com/ Frame B0AA
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=1b1bebb5-2445-455d-b551-f28ae5396a8d
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=1b1bebb5-2445-455d-b551-f28ae5396a8d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddbbd349b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO3Qi3u8kdY6Lg7uRgkQMaWZI0TOsoNPWwUxeOx9z3fqLf7jTpEPfBH%2Fn9RjdF7BRAjuA7ponKoS3bKE%2FNCcQXZE5jbVkHgsm8sWC7KBxfyeuxAoq%2B6dTrm%2BcVcKM%2Fl9gQooC7fWTXDDUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=1b1bebb5-2445-455d-b551-f28ae5396a8d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
dcm
s.amazon-adsystem.com/ Frame B0AA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J3C551C9MWDWDR7HBPHA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
R9ZP0TTVWD67YFCH21PA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B0AA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dda5ae09b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xksTb9c46UZ%2F1uEtl2vOVtLgs5Vkiry1udQ%2FW55VEsY1bt1Ge5tUS7k2UZDPg9gwg3txrqSi5J58TS%2BBtIh84iqHFHx8xI8xfOSks7JFRmEaVT1hTalOWHDaekwmImUOT89%2BXmwbwOyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ZtOSrDyf1OxJFC5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B0AA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1c03:949a:3875:f724 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
cdn.indexww.com/ht/ Frame B0AA 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd9fd8dbb67-FRA
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
194
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 67C4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2LzLJv21QixZtEcWmuVcO1D_B2o
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2LzLJv21QixZtEcWmuVcO1D_B2o
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddd4f939b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICNV8LtL5S10PjWWmhMa6jG1xlvcac3zskmf3M6wOIj1N2BsPJc0ulArTtCJsg61bYULTknAl8b2GuKpjm82C7UWtsLNxooyMQLmuRHcQ2%2BDkGIId4IpFFaPzbrJLWK8CU3ahRh1KvzWig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2LzLJv21QixZtEcWmuVcO1D_B2o
Date
Mon, 12 Sep 2022 13:40:18 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 67C4
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=853a841c-4ce6-410f-a6a5-1f2d2a44cada
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=853a841c-4ce6-410f-a6a5-1f2d2a44cada
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddb2c5f9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpZtdmfVnl2dyNSolEt%2FGQSicTIcDeD1E3dYXpfRBzPyw6QYR5jRRryboJH6fQImaRC6VHiX2sVcCL57zzm2cc2wGqWpMFayqNG7UqIJbmtu2sRlcjVNfz2ickBFBHHC7oBVo2ip4pb0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=853a841c-4ce6-410f-a6a5-1f2d2a44cada
date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 67C4
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=86bfd824-c6db-46af-882d-ecfef7071ee8
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=86bfd824-c6db-46af-882d-ecfef7071ee8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddbbd3a9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5qUQDp0Cj9KrPi%2FnVJO3lAswG2gI9o7Xe%2B7NEZsZ9Y0bmLzkOrfK1%2BT8tbrUey97SzqlpVLpXbU3NN5E5RFB15GZZtMjwK4Bay9qECCHM4uCUdaXqgD0ISAQw3iQEzsUD8ia9zLB4JYgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=86bfd824-c6db-46af-882d-ecfef7071ee8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
cookiesync
bttrack.com/pixel/ Frame 67C4 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Mon, 12 Sep 2022 13:39:47 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-type
image/gif
content-length
35
expires
-1
ibs:dpid=23728&dpuuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219
dpm.demdex.net/ Frame 67C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yx82v5ge6IqyhHPwa4qmSQAA%261219?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.100.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-100-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 67C4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddadbba9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWdh%2FdSTeqj6gRnQpd4WNvRueYLXKwAfGK5e%2F6ekbCSU1yZCHp0r0HnMXnoFxVo7enw8swoWiPu4xoF2P8a3EpPGIdHW2eUVNkOK7AhlkTFcFJMA%2F6EYOWX0rrJhDa8EZRYnDfEtIAbgMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 67C4 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:16 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 67C4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1c03:949a:3875:f724 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
cdn.indexww.com/ht/ Frame 67C4 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dd9fd8fbb67-FRA
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
194
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 17:40:17 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 58C7
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftrivia.braincandy.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.196.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-196-70.compute-1.amazonaws.com
Software
/
Resource Hash
b61ae15b53da89093a356ffab7d3b6e62522928e60b739bfef23ca46161cb84a

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:40:18 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 12 Sep 2022 13:40:18 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:40:18 GMT
location
/um/cs&eq_cc=1
truncated
/ Frame 6811 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e8ec0ca8d5420870f1be10a5c2cb35029c697c411601ea0e008bb9a8b6d6f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 858F 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 13:40:17 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame B175 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1204296
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74990ddac94e9bb0-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame B175 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
529222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQzxrXxO39APOSFcbwnVK%2FG%2BiNCKcYeT21vwpoWNR5GdsiDUsteKTmeYTnmDhaWKg5Upor0HLPHjpauB3ZXX8hfi%2BfuqSmTb5zjEMYoPV4Ox7%2BMwWGW7F1Bn594RzoAykVCRepw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 10:56:39 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74990ddac94b9bb0-FRA
cf-bgj
minify
sync
x.bidswitch.net/ Frame AED3 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
noop
px.owneriq.net/ Frame AED3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162764171194441788&uid=Q7162764171194441788&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame AED3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddf9b289b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLQkcZxIfKLWMu9QY5%2BxwMppbsdhLuUZa02v1FJt8wJXi5v89K%2F8l3nTT8UmBGVc880M3xRAxV0SMUVJSdAxnK7psp4UeRhpc0sI9x3Kzw4AN54G9CAEKNqdLJQTEMnmNCSsT8MYqgKOag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Mon, 12 Sep 2022 13:40:18 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame AED3
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b4115738-598f-4a51-8b9f-013d60b6ac60
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b4115738-598f-4a51-8b9f-013d60b6ac60
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dde39119b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOMv9gcyvqxRE7Hjxnwxj%2BkwjDXhdOFKh0B380q1ncfjAn2dyQLg4mSX6ZIkI4y3Dgs5Evn7RYlkUcCwBvazisQ%2BSPviVxqAZIgfueCFaPp%2Bc9ac0hDo%2BX3YBKRSjV6a3yTMCwaHmY5NQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b4115738-598f-4a51-8b9f-013d60b6ac60
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame AED3 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.154.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-154-120.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame AED3 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame AED3
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=3f34970c-22ed-461d-8a35-fd0f6e8250ff
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=3f34970c-22ed-461d-8a35-fd0f6e8250ff
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990ddbbd369b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh%2FnJjAFhkOmN1tNs%2B2UmRpgdH%2BQBNIBU3MvQdso4C7N5Vgo6A4JiT8d%2FKQlpEUqNltrh8n%2Fxl%2Blvio4f79x9IEAKJcyrvKyW87DgxFmnZr62t0EAlb0%2B5EsuPjV5W7paWDhbm5gsFYKKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 13:40:17 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678628417&external_user_id=3f34970c-22ed-461d-8a35-fd0f6e8250ff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ix
ad4m.at/ad/sim/ Frame AED3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AED3 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yx82v5ge6IqyhHPwa4qmSQAABMMAAAAB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189478&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 12 Sep 2022 13:40:17 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2708
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Sep 2022 14:25:25 GMT
pixel
cm.g.doubleclick.net/ Frame DA8F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAEgm0gdkftBfwy742BHFOE&google_cver=1&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-SxbWWmqvvT3wO-
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B200686F9F8B4C0988AD06A195C41F09&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B200686F9F8B4C0988AD06A195C41F09&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-SxbWWmqvvT3wO-
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 13:40:17 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B200686F9F8B4C0988AD06A195C41F09&google_push=AehlK4AHZsgpRPHR1T4Sz4LB7iZiEXVk7dVkC6N9xqLtGWquSX2LSiN1pPeNHFuQOBn4Ukfx1VzWo0oGLHC6q-SxbWWmqvvT3wO-
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 11 Sep 2022 13:40:17 GMT
pixel
cm.g.doubleclick.net/ Frame DA8F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFGnsys_jRp9sIHZpNMCtzs&google_cver=1&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNmrI4QC&google_hm=MzcxMDc1NDE3Mjg2NTQxNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNmrI4QC&google_hm=MzcxMDc1NDE3Mjg2NTQxNjY0Nw%3D%3D
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 13:40:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Aw7cK_6rIkE7FG5gFbkVC_bCVeoHTWGwrPhXKIQNnWgKQHhnYK3fmbAk3bHbbeW7zFW_o3nc2BTHlFREkoiP4WNNmrI4QC&google_hm=MzcxMDc1NDE3Mjg2NTQxNjY0Nw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame DA8F 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEP2YTRlrSwfuz3TlnHLlVE4&google_cver=1&google_push=AehlK4A1D7UqndeKY8MQG1P3vJWr7r8qtC3VYPQErqLzsoqo_3T1jJ4WWmqoH81KFzBICPhgaRHDeu0_8BZMhOkErJXIltMcT-9F
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Sep 2022 13:40:17 GMT
pixel
cm.g.doubleclick.net/ Frame DA8F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGPRYVmPRqK53yaeJALK25E&google_cver=1&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGPRYVmPRqK53yaeJALK25E&google_cver=1&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVs...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk3MTEzODg0MTQ2MDM0MTEzNQ&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJua...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk3MTEzODg0MTQ2MDM0MTEzNQ&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG3Q90pd8_jnzYe9dTKgo
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk3MTEzODg0MTQ2MDM0MTEzNQ&google_push=AehlK4CyY1s6QO7RGedBf8n0De3qZ1WLFrg_s6NcYraTozxuQFwHfuZ0LtA5YDC4HX1DZKtbWVsJuaOG3Q90pd8_jnzYe9dTKgo
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DA8F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.targeting.unrulymedia.com/csync/RX-fcdd223b-098a-43f3-a065-8b6c1eea7a11-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4ASTLoLIacJgCNT6Ckej...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE&google_hm=A_zdIjsJikPzoGWLbB7qehE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE&google_hm=A_zdIjsJikPzoGWLbB7qehE
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4ASTLoLIacJgCNT6CkejpshCUJR_9hkYaURsyn1V6MHCpJ1NITFjuG8A2jyZtT53fKA7MfLn8vrI5YK_08m-muP7tPvWEXE&google_hm=A_zdIjsJikPzoGWLbB7qehE
date
Mon, 12 Sep 2022 13:40:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfcdd223b098a43f3a0658b6c1eea7a11003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame DA8F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJJ8t0YxqPmW5woa6DvUu-4&google_cver=1&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMDg5ODE5OTE5NDEzODIzOTg1MA%3D%3D&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMDg5ODE5OTE5NDEzODIzOTg1MA%3D%3D&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMDg5ODE5OTE5NDEzODIzOTg1MA%3D%3D&google_push=AehlK4CldHQz1DUs2K889Dsr8rJk4hu9ij3uzHz1PBGydYkOZ_9s3LI0AL7uf1YYHfbZuvQj4PKF_Sohc6juFMEnyiwh0A7UklM
date
Mon, 12 Sep 2022 13:40:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame DA8F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJP8W4zX5qUpNiM-bCE9wQA&google_cver=1&google_push=AehlK4C4jzALxGLP9Nr-1ckCBvtLPFeXau_ghFwQx4-WbU1iy76zq0NrOePJ8lm2VqZAceFZx5Q28xEmauu...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4C4jzALxGLP9Nr-1ckCBvtLPFeXau_ghFwQx4-WbU1iy76zq0NrOePJ8lm2VqZAceFZx5Q28xEmauu2apc6KdHZYK6M8e2s_w
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DA8F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jcts0iUEd9s_psms0IuZIa27rpXK63Sii301FJSmTKCbZgGW-vp5VGbeRPSVEek7DRsGcofQ
Requested by
Host: 3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
URL: https://3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
syncframe
gum.criteo.com/ Frame 14DE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.deliveryapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:17 GMT
server
Kestrel
server-processing-duration-in-ticks
916955
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 858F 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:17 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 21:48:59 GMT
server
nginx
etag
W/"630fd74b-16068"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 13:40:17 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B175 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19894300
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4tofBS0qzqufdHVk4bqrB7adI2ldUN7M2iYGy7%2B%2Fr01ueixMyx1Y7DNaqd4KuapRiVYdyOekC9qgih8bd7IeVtSpp1QT2jCIE4yq2YMFQTq05QRv7I2zoVIgvFGzTr2YNDw%2FeSPeaHBoQptKdZfFemJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74990ddc9eae9957-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame 37EA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1532106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74990ddb6a749bb0-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 13:40:17 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1wyB%2FRgyWtQhSSpeu3P4uMxmvf2S8idiN1kAZqJTmuWfdsLpg9%2F7FoxAnKwjyX7NVTzkCl%2F7lb0ywx2KH9EjWTSGxReS79S65Jubkr5S2px2iqY7o4fMJwfj1JvtQnGD3AjNMA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame B175 		789 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ecd095f8a19c92fa14f3bb99445ea27be76a28d9ce12d4dd58fcb6971b8b36

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74990ddc9bfd6919-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2f7gQwXcQmFDKdKpZaZ8zpKkoWXMxVuGNWRwZpBCzG09n7NrVweRWCX1zIv4hnQfyC4S%2FKWClR%2BJkTY27tfwHwrk3sRD6tJ8L8LOeK%2BMhOqAV5j7MwezcDTYElPCP6KqAFz%2BHac%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74990ddc1b2d6919-FRA
content-length
24
content-type
text/plain
date
Mon, 12 Sep 2022 13:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqOHJ4NEkz9Tq068cy0Nm22Jrhw3IcuFDvu8Hm5KEgiTa%2BItn%2FZBPjDQw6fclcjN3aRP%2B0pMCBDQt0aeuLqyqJ3Gj01PFLQ4G4CCwv2vi11ShPL1lnlKtAvQbecRpzQLfRnqQW8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rar
as.ad4m.at/ad/ Frame 7C32 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99dfd2be60250512f0f146a60168f47a8a50bedef2f2b689334332df9b270584
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hhqcjm2bxp7knay9k24xg3k8hf5a4mvgztyqb63sj21kyfeb2egfmb0kbnfk2xscbk9y3mty0my9a12xkgvxq30qkqjrw20g9s9b3tc3195dk441bp9kb3ratvx1xc794zf5qj4spveh2w5neajt9bh78ny0t74h745ad3944dk8e7zd3hkygk0redtend7695a7yv5yva8ag4dj13zd1y0srh2eff42qy2wnmxndvgtj3tmfrrxg2fahrm65xn216xpbfrdnwz7fe5zghv38gydsw72sbavy7wbsvsxm7nbzqe4xc6b7cf802z6mn09xdsbfn2fx3r8v16d8ragtdsdmqymyzhbxpra9zzjkfqaysqnyp8s4f1y9rmx2j14jtzcnxfhmgw24w2mwv9hbmy4st07kgj41nhj4dqah6w5rz6jzkp0&x=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74990ddcfd499bb0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:18 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 7C32 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1204297
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74990ddd7e199bb0-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 7C32 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331225
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAwzebmBFMR0sdd6f7%2FS1nr4Zgm%2BZz9oDxf9aUdv%2FFuIPflutKFxC2n6UD%2BaA4EuedRBMFaNmjHKTvPSToawrhPEV%2FQMM6hwyovCSIUa%2Fsq7HvFobQHkkm6L9dNuCCDT82cKST2lXG3uw9XV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e376922-FRA
cf-bgj
imgq:85,h2pri
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 7C32 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
931224
cf-polished
origFmt=png, origSize=155400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95550
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2B2o5UIKdPv4Zqk3vnqrPEFhxcmqa4k4dAt6wiGp7RktkJTt%2Bcmrjin1k8SXey2QCD4GsZsn2tjlzZBiTAxJilL%2B%2BEP6P9xFE50oaVPtTtzdvYYxzV6DZj9em3m0TLcmJu8rWOmho%2FzEE2XE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e436922-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 7C32
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CM_Otcqwj_oCFV-T_Qcd2AoKVw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1662990018_70b63960-32a0-11ed-a5a1-2235383f8385
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1662990018_70b63960-32a0-11ed-a5a1-2235383f8385
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:17 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Mon, 12 Sep 2022 13:40:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1662990018_70b63960-32a0-11ed-a5a1-2235383f8385
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 7C32 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1620132
cf-polished
origFmt=png, origSize=35453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1GK8NJBBpuD%2BLaXw39j884kRFdaVficaxDOVggMF0VXR2C%2Bkwv6Emq4Oa6iLSZqAyLTHHzXQFzuRsneFACM1yH%2FdISBhZJNMf1PuTLSmPGqSbBbF8ztNxlaNsfw3l1C52B6xHYvlbt1HN5j"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e386922-FRA
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 7C32 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1025
cf-polished
qual=85, origFmt=jpeg, origSize=83479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o36D46N%2BvEgPCRqTS92hxlKqp6MBl6MlwhFWRF%2FRQvt5sxccW%2BK2tadxLdiLHB5j701aRTlotWqrFzPoGeEjJH0QlIFtfuydHVYzY8ZT2hu9yEyvoLktlmZKVC02I7sgo3q%2FJA4hWsxYEDuj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e426922-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 7C32 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 13:40:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
assets.ad4m.at/logo/ Frame 7C32 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1057
cf-polished
qual=85, origFmt=jpeg, origSize=27926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9624
last-modified
Fri, 04 Dec 2020 11:16:28 GMT
server
cloudflare
etag
"47002e1929641ef35481b6bce27c6dda"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko%2FiU3l%2Fq4xQ7ETdvMFRwPbqIPU8eomRUkNCoXraWO5ApOOoWYlhervNfz%2BdRqJHkkfA0u3gb3XuPBTlvSUmhEGW76lUA%2BzvQpuW6RG6Otzda3PVU6mVg2EicFmsi7%2FCv3DiFac1mVw8mYiF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e3d6922-FRA
cf-bgj
imgq:85,h2pri
FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
assets.ad4m.at/product_image/ Frame 7C32 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1062
cf-polished
origFmt=png, origSize=446787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
289896
last-modified
Fri, 04 Dec 2020 12:36:47 GMT
server
cloudflare
etag
"f23fb93575be392d52c9c297c7323368"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdFMUWXZGb6lWQisov%2Fn235a4Z9hlawg%2FwhAzc%2BFiYrr3%2FklLcehyg72g3s76SAceJXDgM07sxQ%2BbUfRn9zdj%2FiuQ5hY9FTxRj1t4e5PotYuOmN3hzk5XN0s0v9mbycQ8528pnYjO9ZRs0zX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 13 Sep 2022 13:40:18 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74990ddd8e3e6922-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 7C32 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpppc12c2bff4487a1vamwqwcjtbn24hf4t448pp9gftnhv63609k2mp756d97hv4sny2cpkz2s75pk0jc80cwa08vwg2kv6p62azbwmh8whx51w7a200882133xjh2j6pqdmb0j87a1dcwxyr99578phy1cm0xsztev76acase2b8nsatbppjv4ndf7xty18zbv6eje8105wr19htyp6c1bq5dtq9xm6str9h0mg18nda45re572ep53cbtfrj3g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%2526h%253D&clickref=oneidDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25oneid__suite_Netmix_Reach14_AKTION&viewref=oneideY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6oneid__suite_Netmix_Reach14_AKTION
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.138.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5b899b906cc5717ed8a3d0f42ac8290cf9a08f48640bf55c6d173b4a5c396230

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:18 GMT
last-modified
Mon, 12 Sep 2022 13:40:18 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 12 Sep 2022 13:41:18 GMT
crum
dsum-sec.casalemedia.com/ Frame 58C7 		43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bb01bc0c-a965-4799-9926-7487f3cc433d&expiration=1670852418
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74990dde390a9b86-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL%2BXZ3pkhqLVQhL8PVXcO3UbmhoAnrLQDt3rXWYrtLDseczYOJvY5vSrJKza%2B1STGTjyesN3QLTh%2FA02AhzHnhCpWDw520LYlt6Q54U1ZbnwOA8hVTLOFzJfn1ti4OrUOq6y%2BThgk7ypFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
sid
mug.criteo.com/ Frame 14DE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.deliveryapis.com&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=V323pXxsMDEzVVFlS1MweG1JaFpYZmlLditidXBIUFlpUHBXWHB6RkwwSUxRV0lWcWRJL2ljek8ySy9oSjI3dzc0Szl3VTdielR5dzVJWGpQZTRUanJ4OEI0bW4wbWJkZlNCaEVqSzdYRVk1bnUvenRVMnpLcGZMVXZVVl...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V323pXxsMDEzVVFlS1MweG1JaFpYZmlLditidXBIUFlpUHBXWHB6RkwwSUxRV0lWcWRJL2ljek8ySy9oSjI3dzc0Szl3VTdielR5dzVJWGpQZTRUanJ4OEI0bW4wbWJkZlNCaEVqSzdYRVk1bnUvenRVMnpLcGZMVXZVVlZjeTVnZHdSWW4zTmV0UzU1UU9yUlpRQ2k2MkZ5T1Q4czJwbzducU1QeStBZ0lyUVB6NGVMYnZEWTBUMW0vakdhT0lZZDFUazFHZGRRNUNSU0J3dFFob2Rac1dEdzdkRDc5OTZocm93SGh6UnJKc21GQlpEU2R2NTh6dVRtdG5IMnBjRVJjbGRObEVkamd6KyswSUV3Rll2cm5HbTZhaGVNeDVsTGZ4amRuUXY1NFlST3luWT18&cppv=2
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d9ec8c005f43b38c752fe12b8c903f34857b6c535ad4b8abb7e418c2a7a7503f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6643954
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:17 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=V323pXxsMDEzVVFlS1MweG1JaFpYZmlLditidXBIUFlpUHBXWHB6RkwwSUxRV0lWcWRJL2ljek8ySy9oSjI3dzc0Szl3VTdielR5dzVJWGpQZTRUanJ4OEI0bW4wbWJkZlNCaEVqSzdYRVk1bnUvenRVMnpLcGZMVXZVVlZjeTVnZHdSWW4zTmV0UzU1UU9yUlpRQ2k2MkZ5T1Q4czJwbzducU1QeStBZ0lyUVB6NGVMYnZEWTBUMW0vakdhT0lZZDFUazFHZGRRNUNSU0J3dFFob2Rac1dEdzdkRDc5OTZocm93SGh6UnJKc21GQlpEU2R2NTh6dVRtdG5IMnBjRVJjbGRObEVkamd6KyswSUV3Rll2cm5HbTZhaGVNeDVsTGZ4amRuUXY1NFlST3luWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
649011
content-length
0
expires
0
pvClk.min.js
analytics.webgains.io/ Frame 7C32 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpppc12c2bff4487a1vamwqwcjtbn24hf4t448pp9gftnhv63609k2mp756d97hv4sny2cpkz2s75pk0jc80cwa08vwg2kv6p62azbwmh8whx51w7a200882133xjh2j6pqdmb0j87a1dcwxyr99578phy1cm0xsztev76acase2b8nsatbppjv4ndf7xty18zbv6eje8105wr19htyp6c1bq5dtq9xm6str9h0mg18nda45re572ep53cbtfrj3g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%2526h%253D&clickref=oneidDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25oneid__suite_Netmix_Reach14_AKTION&viewref=oneideY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6oneid__suite_Netmix_Reach14_AKTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:13:00 GMT
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
34039
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
sEe0sGUFSoOjXOxnDN2vJjaSLbtaWh1KT_wf1r_Mq_IZvAGmQ9b8KQ==
logo_querformat_herzen_300x100.png
cdn.track.production.webgains.team/275055/ Frame 7C32 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/275055/logo_querformat_herzen_300x100.png?Expires=1662990318&Signature=anJmIb5nbxc3EhfCi6kQPg2JTblRxTSl-4jGvij1WzWNAmN7~5d8IgMUzaWOjYPXjp5ccRFKo-~FGKK5fwTYo00rExXcehxgQNVF~ARqhXAz4TuibcHdtFFNTnHHN1TzZHwvuXfGdWTOjXp2ARL9v8n9gDufkBwHnZqDlemN8ZKKgD95GGD5YkImQHCl4ylgtbfHXWHvConxUueXtOhF2b~xrx5IYyFkWwc6ZG6a45orKYRzHCzI28iRFCHvlUyE0QQhXe4eD2~o10R6Gvlw~BILuEUPOP0RZAbACMVB0UR-57-aEGrMxkcjWXfQK0I7ka6Exs-7D-Cg9V8vc0hHNw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C61651&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CeY4C3fVfKEARSjHZHet1te9AHwSQTx5qfq6&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CDXPa3fwfKWJ3S3HmH9twCwYWfxSmTkDZF25&c=300&d=250&e=&g=399765ac2c22d958c18087516dfd804f%2F8919943430990162565&i=25174%2C25007%2C24905&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1662990018030&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxgetg0hehd8pd640g6ybxa63y4vdtj0nf89hg3gpgyts2pvbf27ycg0kreenhg10g0jrd4nsqwj6kp961fpp19stx96nafm7tepa0kya4a5prrhas78mxb20rdh1caefsqgvcr5kz886gz9w1akrhfs0rw2vyc95zx2bbtrqrch8rtsk6h26e11jjt6ep6ybdkmg8dp34mmw9ppvdxffhgsjmppe0ksrm9snx132n6bepc3w73t7ktxdcz5t1j8bab0p7stdbgwzb35s6t6rg%26h%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-59.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:27:54 GMT
server
AmazonS3
age
30599
etag
"f1ac17cc310d1d58c319caa4cec695b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 12 Sep 2022 05:10:20 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
10517
x-amz-cf-id
1O0km-a92WNwPCSdibGHgKR-JyrhwEeVXLz7cyGf1UVUW5V6f9ltgw==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.deliveryapis.com%2F&domain=p.deliveryapis.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.deliveryapis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 13:40:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
601691
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 858F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.deliveryapis.com%2F&domain=p.deliveryapis.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=VDQHUXxpaEJ4MDBSQ2RhQWRpNjZBZVFoUERKNHo4QzQ0SXllWmQ0VkxoaUVUVEpiK000SWFhYmtGdEVZbEh1Wm9MZi8zSzJuY2ZpRkcwWlBiUmhQL0JoaWR2TnRvTzFvYkt3R0djd1hvdWJYZUozV0dSOHJBVXUyT05rb2...
432 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VDQHUXxpaEJ4MDBSQ2RhQWRpNjZBZVFoUERKNHo4QzQ0SXllWmQ0VkxoaUVUVEpiK000SWFhYmtGdEVZbEh1Wm9MZi8zSzJuY2ZpRkcwWlBiUmhQL0JoaWR2TnRvTzFvYkt3R0djd1hvdWJYZUozV0dSOHJBVXUyT05rb2hDYUwrRU8vc1VKU0lqZUwySG5yMU1BdTNVaGJTRHExN256WEloQjBhQzJkZWJ1N1BIbnVacTlvQTVzZ01SSys4cVNGeXhkdUEwRUpCODluU0lXazd5QXFRTUlJUHEzRHp6MS9NOTZFbUVVZEhMUXdBdXVVZDRtbnlncDRzSFZvaGtYY3Y1d0I0L1phSXRNOHphWU4rbE5LOWhIa1lJQmVhZ00xUlBLOXgycEszOVl0cWgzOD18&cppv=2
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2492b6989d3281cfa10835776902bc8bbbd4bc2c99534741809e92013cf2b097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.deliveryapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1552874
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=VDQHUXxpaEJ4MDBSQ2RhQWRpNjZBZVFoUERKNHo4QzQ0SXllWmQ0VkxoaUVUVEpiK000SWFhYmtGdEVZbEh1Wm9MZi8zSzJuY2ZpRkcwWlBiUmhQL0JoaWR2TnRvTzFvYkt3R0djd1hvdWJYZUozV0dSOHJBVXUyT05rb2hDYUwrRU8vc1VKU0lqZUwySG5yMU1BdTNVaGJTRHExN256WEloQjBhQzJkZWJ1N1BIbnVacTlvQTVzZ01SSys4cVNGeXhkdUEwRUpCODluU0lXazd5QXFRTUlJUHEzRHp6MS9NOTZFbUVVZEhMUXdBdXVVZDRtbnlncDRzSFZvaGtYY3Y1d0I0L1phSXRNOHphWU4rbE5LOWhIa1lJQmVhZ00xUlBLOXgycEszOVl0cWgzOD18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://p.deliveryapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
440009
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ Frame 858F 		215 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19248/hb_307825_11597.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
ab36df09cb5e25b01598ac72018804e6b45a1f58f5fd6c03c5e19f8803d17d67
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.deliveryapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.deliveryapis.com
date
Mon, 12 Sep 2022 13:40:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftrivia.braincandy.net%2F&domain=trivia.braincandy.net&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://trivia.braincandy.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 13:40:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
399467
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 6654
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftrivia.braincandy.net%2F&domain=trivia.braincandy.net&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=qaa8N3x2Y2wvZERlNk4xbEhQYnlUWTlzTThNQUMvdmxWY045M3ZXUXcvTjMySWpqbXpkMXlJVkwwV3ROY2VsT2poS2s0Tm1RTFBqdUpJTVBnTUUycDc2eWdKazE0bUtUalFZSkJtYnZoS1h1MVNlNU1xUEhiMGlPZGlCY1...
433 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qaa8N3x2Y2wvZERlNk4xbEhQYnlUWTlzTThNQUMvdmxWY045M3ZXUXcvTjMySWpqbXpkMXlJVkwwV3ROY2VsT2poS2s0Tm1RTFBqdUpJTVBnTUUycDc2eWdKazE0bUtUalFZSkJtYnZoS1h1MVNlNU1xUEhiMGlPZGlCY1dDQ3J2a2dPUm50bTN0dHo4RzZvaUxtaWFLbHJwN0dlSXlpL0sxQ1lQcjVHdVgxNjN0dE1nNlY4NDdoT1pjZGVuK3JIaVpTakNZMzRtck1pRXIzaFZzUXNFUUF3ZjAxVlpuTWNQUllOazJvY3NEdmNybWtrcnM5UEpxZDRWKzhwdnArUnhOQUlYSXJOK25FUHhvQXFkandRaEtPOE1NMkVQRUhab1JmL1dRMkl5eFBSK1dtVT18&cppv=2
Requested by
Host: trivia.braincandy.net
URL: https://trivia.braincandy.net/?038e28c5-news-template-
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
88a93888895f2e40b27d8c4436100eff94ecfec917a8709ed2c28429293698d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2833386
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qaa8N3x2Y2wvZERlNk4xbEhQYnlUWTlzTThNQUMvdmxWY045M3ZXUXcvTjMySWpqbXpkMXlJVkwwV3ROY2VsT2poS2s0Tm1RTFBqdUpJTVBnTUUycDc2eWdKazE0bUtUalFZSkJtYnZoS1h1MVNlNU1xUEhiMGlPZGlCY1dDQ3J2a2dPUm50bTN0dHo4RzZvaUxtaWFLbHJwN0dlSXlpL0sxQ1lQcjVHdVgxNjN0dE1nNlY4NDdoT1pjZGVuK3JIaVpTakNZMzRtck1pRXIzaFZzUXNFUUF3ZjAxVlpuTWNQUllOazJvY3NEdmNybWtrcnM5UEpxZDRWKzhwdnArUnhOQUlYSXJOK25FUHhvQXFkandRaEtPOE1NMkVQRUhab1JmL1dRMkl5eFBSK1dtVT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
673201
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ Frame 6654 		216 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e37e6fd1355bc6fe818d1c117bdaadd3fad30e6bbd004efe9ee9d35aa5713983
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trivia.braincandy.net
date
Mon, 12 Sep 2022 13:40:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 6654 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1432
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://trivia.braincandy.net
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 6654 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.72.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
15cf6aeebf1486f940ea6be271906e3263b8fbfb8f8cbffb7d0993b0d26f2a77

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
x-server
10.45.21.197
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 6654 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/461941/hb_270443_960.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e657569f1ab3e35fec79a09563b584e2500481969f6e6408667d717fbf530058

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://trivia.braincandy.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 12 Oct 2022 13:40:19 GMT
tracking-event
api.webgains.io/ Frame 7C32 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-8-108-133.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f23f22d0f513eb93d8995f7ef62e7bd1132b69d7e94486640489f3295a589ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 13:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11287
x-xss-protection
0
syncframe
gum.criteo.com/ Frame CEF1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:19 GMT
server
Kestrel
server-processing-duration-in-ticks
1854663
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 2E40 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=trivia.braincandy.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:19 GMT
server
Kestrel
server-processing-duration-in-ticks
11820165
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qaa8N3x2Y2wvZERlNk4xbEhQYnlUWTlzTThNQUMvdmxWY045M3ZXUXcvTjMySWpqbXpkMXlJVkwwV3ROY2VsT2poS2s0Tm1RTFBqdUpJTVBnTUUycDc2eWdKazE0bUtUalFZSkJtYnZoS1h1MVNlNU1xUEhiMGlPZGlCY1dDQ3J2a2dPUm50bTN0dHo4RzZvaUxtaWFLbHJwN0dlSXlpL0sxQ1lQcjVHdVgxNjN0dE1nNlY4NDdoT1pjZGVuK3JIaVpTakNZMzRtck1pRXIzaFZzUXNFUUF3ZjAxVlpuTWNQUllOazJvY3NEdmNybWtrcnM5UEpxZDRWKzhwdnArUnhOQUlYSXJOK25FUHhvQXFkandRaEtPOE1NMkVQRUhab1JmL1dRMkl5eFBSK1dtVT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 13:40:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
486689
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VDQHUXxpaEJ4MDBSQ2RhQWRpNjZBZVFoUERKNHo4QzQ0SXllWmQ0VkxoaUVUVEpiK000SWFhYmtGdEVZbEh1Wm9MZi8zSzJuY2ZpRkcwWlBiUmhQL0JoaWR2TnRvTzFvYkt3R0djd1hvdWJYZUozV0dSOHJBVXUyT05rb2hDYUwrRU8vc1VKU0lqZUwySG5yMU1BdTNVaGJTRHExN256WEloQjBhQzJkZWJ1N1BIbnVacTlvQTVzZ01SSys4cVNGeXhkdUEwRUpCODluU0lXazd5QXFRTUlJUHEzRHp6MS9NOTZFbUVVZEhMUXdBdXVVZDRtbnlncDRzSFZvaGtYY3Y1d0I0L1phSXRNOHphWU4rbE5LOWhIa1lJQmVhZ00xUlBLOXgycEszOVl0cWgzOD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 13:40:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
477015
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-8-108-133.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:19 GMT
server
nginx
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=trivia.braincandy.net&rs=trivia.braincandy.net&sid=9619&t=1662990015&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662990015432-982903183926-007218-003-006309&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=61639838801&d39=&d65=&apppkg=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=6284bb0d2f143523756080dd&e=request&cb=1662990019630&asid=61d43e8d8f166e7a740fc074%2C619ce37d2e9edf5f873416db%2C6135e52135e75e007f36c34f%2C614337a85c49df000b43be8e%2C61b73b07fddb984f765c5604%2C61bf200e9e4a132a353bbe77%2C613f2554f291157aa138fd97%2C61e001c58ce9e90212130518%2C62665c8e7cc7ac7b6f3fa53b%2C614b567f9101b84b0b7a8835%2C610a78a0f82fe519c712a5c5%2C61312c6f520a741f1b4d5991%2C6318817726421a46b6745ed6&ofpr=1.5%2C1.79%2C1.95%2C4.02%2C3.3%2C3.118%2C1.89%2C1.22%2C2.16%2C3.61%2C2.56%2C2.93%2C2.19&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2259f33b9d5c5c852%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262665c8e7cc7ac7b6f3fa53b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22604824c37cb0f39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22fd4e36a0-e6fe-47af-a735-09bbccd89674%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.16%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e926af9df186643bac4482a91e41631722921a7a73c8c32a73635fd61bef7a56

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qnlT5H%2BiZz9W83Vj6VWR7e2XbElDMYo4k4efhHJYkK%2FCFGJNtiX0AkXfj05g0xsgXwp3oXf%2FkSnQ43Fpn4Yy2M099rKjzVTRb6H2hQnMvXUVnP49w7Q6UKldExTpSkKFNZI4nRD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dab390dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000320
X-SpotX-Timing-SpotMarket
0.003572
X-SpotX-Timing-Page-Mux
0.001006
X-SpotX-Timing-Page-Require
0.000369
X-fe
015
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007162
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003572
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001565
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22638faab18be7aee%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261d43e8d8f166e7a740fc074%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22648f7efc3426965%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22458f9c30-8000-466d-b8ab-2433957900ca%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e379fd77a44dfaea8c4424cb282ca9f808c09a1e503bf4259ff6f7d389d9e304

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8IXBSPlLPpZgfuk5Pm3N4WdtmxyJG%2FmuMOxmdJFXttH0h5hH0qNCKqpAwOtAeRT7O0l0eWbpXXvkKORBY1Pt1izQZCIP9iyCe%2F6RkST8UdXmFelCAIk2JvVNKuScXWuwG0O2Wdo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dab490dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000329
X-SpotX-Timing-SpotMarket
0.003696
X-SpotX-Timing-Page-Mux
0.000849
X-SpotX-Timing-Page-Require
0.000369
X-fe
086
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.007216
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000302
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003696
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001653
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22673a421c1e4ba08%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22613f2554f291157aa138fd97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268d5c9cc16c4b44%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2239d491c4-e35d-4e19-b867-66e05a65792e%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.89%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3de469d8bb23d0e10e177b2f333d4014b67efc21fa7636670401f2866e4c537

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm%2BLPCNjSt8MGOvXd1wKPnqKBOWkuP8OJ2WtBj1nFBndAy7mCO06adbOim2cf87ZEMQLb4TqCrW16NSS1K4z1dVjD3iJw9a0XsN%2FPmMlasJvbSS2zYOGpKvImNAOsEGKuzZGBAnb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dab690dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2269e5d82a14a71bd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73b07fddb984f765c5604%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270104ee040be3ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2233d32b8f-e934-45ff-b366-9f5f43a1f6c2%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f83af35d53822b023c12afa4579553de771d9f897f8ddde02c2a88a3419a0b

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEsMEU8XX8PZGowVyG60bQtQt149hWLwHg1%2Fdjmsi%2BknZJezKNAQxmAQX9H3CEMRKpXtAFoTSxVRdMe7tmy5Pv%2B%2B3OSFNDo1Gsi7Ct%2Fy2cTy%2BCjIZsbDMROkyOlr21qciD8XThY2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dab790dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22711980d9d82cd28%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261bf200e9e4a132a353bbe77%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728d230f09da64e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22124a02c7-4096-46c1-9540-25502a63807d%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.118%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc4d3fd9ddab5af37d82b31bad8992e3ce3b7b1c9ffc4d03360f23d42d00dee

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ULjnbyUmP8r92wyBdYirqhg%2BaeDcv1Yjw21xg5u3%2FOrZoZd6xOeW6wmF%2BJ94sCLsKh%2BIc76VCWlIKQD3Ez0vCw5%2B4npE9%2Bsw7T9q8ySPx4IwOUuRUk1vpPQ7IZdN4CiMeQ47ry%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6daba90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000325
X-SpotX-Timing-SpotMarket
0.003161
X-SpotX-Timing-Page-Mux
0.000885
X-SpotX-Timing-Page-Require
0.000441
X-fe
121
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.006967
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000339
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003161
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001799
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000897
X-SpotX-Timing-SpotMarket
0.004206
X-SpotX-Timing-Page-Mux
0.000938
X-SpotX-Timing-Page-Require
0.000340
X-fe
048
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.008184
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000281
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004206
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001507
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22773ab5b9e02b4a5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261e001c58ce9e90212130518%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22783d6a64176fbf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%220b931883-a4b0-448d-896a-30c6ee0abc84%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.22%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251a24407beb3bfc649631724b942dd7f80eb99c9b4fea818a9fa1ef95871f05

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIbbYo%2FHUOxDTArCnpGZ%2BcWU2qkx8qEyaRVWCgo7jGK9LaerCfXAlmZeneYuf8SvU%2FYBiiqDgijFi9zlRmt6Eg5SrMpHgH3w9JRjPihvSHDc6aWvcQkWpC73wss41Rcl0%2B69sxR%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dabe90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2279e57d2dc545e7a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce37d2e9edf5f873416db%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2280c047d430a1e3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22f23d9a4c-d015-469b-b723-c8412070f232%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.79%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38345a504518dcad2b30eafdf92d5eec960035c715a759effd6e5ae557d8b91c

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCv%2FWvIMaIU%2FHAQ%2F7xQQ%2FHuEx26lHfa6IPhy9z12Y8xa2yGlc5YCPImdKH2WEv5Id6Hy1nQkGIS6jCRUnHlnt7kyVUk1mGF8KvSmUF6BOZ5fXL6Qhf%2FcVcsNsOq6yoZE8PjnEYsp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dac290dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2281db0205fc71dd4%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22610a78a0f82fe519c712a5c5%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282cd7415ac6393e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2242d44d0a-6413-427f-92c3-e05858ee71c0%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611da474032a9f204ff9718f16a17c751d663a04e636351da0e83b133dc89759

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNj5UuShas00YrDBXMbMOUR62ForGc3WqW%2FzuvBDs1xYiuXbkaSYww7O8PM64Gd3xz7oMskmQtoLlXW0ZQnPQJXlkckjPdF0TTuoXOXus4LFVIYbZ2sJhOH68Jis%2FKRhwL7xVJFS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de6dac490dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000316
X-SpotX-Timing-SpotMarket
0.003447
X-SpotX-Timing-Page-Mux
0.001880
X-SpotX-Timing-Page-Require
0.000632
X-fe
065
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009483
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000370
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003447
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.002822
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 13:40:19 GMT
sid
mug.criteo.com/ Frame CEF1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=braincandy.net&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Y0uMKnwzeU9CQjduRU5YbzQ1ZER5UTJOU2dMNTFWVHN2NjBlL1JWeTRhZHF5bExyNkJTcU1wcEN3ckNvMythdys0RGVmMXRzU1c1WXNKTDY5Y2NpbWhjQWd1dFlWVFdrOHYxUXRxdVMxakZnTmI0T0IvSC9taU5ScEJRVi...
431 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Y0uMKnwzeU9CQjduRU5YbzQ1ZER5UTJOU2dMNTFWVHN2NjBlL1JWeTRhZHF5bExyNkJTcU1wcEN3ckNvMythdys0RGVmMXRzU1c1WXNKTDY5Y2NpbWhjQWd1dFlWVFdrOHYxUXRxdVMxakZnTmI0T0IvSC9taU5ScEJRVi9JUEF2cFVsOTkwUkFKdUZZaXdPT2s3MXAwM3QxUy92VmFtaUp0b0tOd2IzUmRpWitqMkttY3RhenNhYXAwV1lXb2JKajAxUVZocVk1OFVPdnBOaWxLYW8xZWdNUnFBM0RYNUluRm5MQmNHRFI4Q1pTKzRYV3RqZitFTXFjWVQ3WTlnL3BzSTl0QkFYL201RDRJczU4TzNvNk54aEU4QT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
20580a61a964c3bcd0931657fd4b9f448f3801e02a57bcbdcd4da5dc22fbdf28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1401634
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:18 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=Y0uMKnwzeU9CQjduRU5YbzQ1ZER5UTJOU2dMNTFWVHN2NjBlL1JWeTRhZHF5bExyNkJTcU1wcEN3ckNvMythdys0RGVmMXRzU1c1WXNKTDY5Y2NpbWhjQWd1dFlWVFdrOHYxUXRxdVMxakZnTmI0T0IvSC9taU5ScEJRVi9JUEF2cFVsOTkwUkFKdUZZaXdPT2s3MXAwM3QxUy92VmFtaUp0b0tOd2IzUmRpWitqMkttY3RhenNhYXAwV1lXb2JKajAxUVZocVk1OFVPdnBOaWxLYW8xZWdNUnFBM0RYNUluRm5MQmNHRFI4Q1pTKzRYV3RqZitFTXFjWVQ3WTlnL3BzSTl0QkFYL201RDRJczU4TzNvNk54aEU4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
651989
content-length
0
expires
0
sid
mug.criteo.com/ Frame 2E40
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=braincandy.net&sn=ChromeSyncframe&so=0&topUrl=trivia.braincandy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7I8BXnwySER6eFlvWEx5MGQ1bnNQcmN2Z29PUW9TV1JIQXJicWFkMHdpQmJTc2F5bDJFYTZET29SMUFMNGpwWW1Ibi9yQ1pRa0U2OGlqUnhyOGZ0Ui93VkxQWEc0RSthbVlmMlpGd1BHekpReWpHSmNnUzExSDFhVFFjcG...
433 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7I8BXnwySER6eFlvWEx5MGQ1bnNQcmN2Z29PUW9TV1JIQXJicWFkMHdpQmJTc2F5bDJFYTZET29SMUFMNGpwWW1Ibi9yQ1pRa0U2OGlqUnhyOGZ0Ui93VkxQWEc0RSthbVlmMlpGd1BHekpReWpHSmNnUzExSDFhVFFjcG0xd24rNEdqMHhCeW9HY1RNUzgwRlV3SHlUVkRiY3dXc2gxa3ZlbWRyM1drRGY4SUNpVFo0blBJOWNpb3FQR2JFbHdHQm52RngrWkNIWmdneXBEVjR5ZjFzZTJXS0xUZmM3dUliYUFwQVd4Q3I5SjdoQVZ6c0UxZTZ5NTY3VWpKaWU3S212TnhzR0JTejZGbzBwOUFMd0VFWG4xdC9qUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4ecce3f138b6ec4cb899f33e391461a730b4f540999657352b350e7a237fc87d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
858474
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=7I8BXnwySER6eFlvWEx5MGQ1bnNQcmN2Z29PUW9TV1JIQXJicWFkMHdpQmJTc2F5bDJFYTZET29SMUFMNGpwWW1Ibi9yQ1pRa0U2OGlqUnhyOGZ0Ui93VkxQWEc0RSthbVlmMlpGd1BHekpReWpHSmNnUzExSDFhVFFjcG0xd24rNEdqMHhCeW9HY1RNUzgwRlV3SHlUVkRiY3dXc2gxa3ZlbWRyM1drRGY4SUNpVFo0blBJOWNpb3FQR2JFbHdHQm52RngrWkNIWmdneXBEVjR5ZjFzZTJXS0xUZmM3dUliYUFwQVd4Q3I5SjdoQVZ6c0UxZTZ5NTY3VWpKaWU3S212TnhzR0JTejZGbzBwOUFMd0VFWG4xdC9qUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
619281
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D5A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 12:27:16 GMT
expires
Tue, 12 Sep 2023 12:27:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5EB7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
536fcf2cf7189f8b290d1a210865b1e309993226317317b1c6d3f19a76d79d3b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-16bpCRSphBbK4MaahcOKoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trivia.braincandy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-16bpCRSphBbK4MaahcOKoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 13:40:19 GMT
expires
Mon, 12 Sep 2022 13:40:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=trivia.braincandy.net&rs=trivia.braincandy.net&sid=9619&t=1662990015&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662990015432-982903183926-007218-003-006309&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=61639838801&d39=&d65=&apppkg=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=6284bb0d2f143523756080dd&e=request&cb=1662990019746&asid=61312c6f520a741f1b4d5991%2C610a78a0f82fe519c712a5c5%2C61e001c58ce9e90212130518%2C619ce37d2e9edf5f873416db%2C61bf200e9e4a132a353bbe77%2C614337a85c49df000b43be8e%2C6318817726421a46b6745ed6%2C61d43e8d8f166e7a740fc074%2C62665c8e7cc7ac7b6f3fa53b%2C61b73b07fddb984f765c5604%2C614b567f9101b84b0b7a8835%2C613f2554f291157aa138fd97&ofpr=2.93%2C2.56%2C1.22%2C1.79%2C3.118%2C4.02%2C2.19%2C1.5%2C2.16%2C3.3%2C3.61%2C1.89&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22853bcaadd6270a6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22610a78a0f82fe519c712a5c5%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286f6866ebb766ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22838af587-a536-41f8-bb4a-0530d1600e67%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e25223624197e7951c54febf36fc4d730ad56a802fb3bdfb4f9e13041fdd41

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evl2VbMmJ0aDkVq12REFhirYzwjqLVoQQ5eBfqa8h5QMXbOG90A8bwN%2Bks5L3fHmE84eC7NNucQ6rqWHTR04n7NiQwZHnWUHyJy1Zd6d2ow3OUklsJuB2vpXg8Pv1k5%2F0f3THW9C"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79ba090dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22872a0e27ce85047%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262665c8e7cc7ac7b6f3fa53b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2288f5d15852b2fed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22aa8cde5c-0b62-48a0-aedb-bd100a4727dd%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.16%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ecd4d45ef347c2f95cb2515f51c456ec25487c693ed2a83b8379044ecf9c96

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1%2FtOTBVssbq2vz5BVDmRzFTSIxnU%2FCsz66O6UznxWMnEA8SLbEiOTDiTkTx3EW0aEsi6hS6lSXf3Gyma1bQQoSqooG8Up3OBnUd5PTzfRBvdE1n%2BWNKCO8EUOMXU1Crq7JQuDAq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79ba490dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000343
X-SpotX-Timing-SpotMarket
0.003988
X-SpotX-Timing-Page-Mux
0.001498
X-SpotX-Timing-Page-Require
0.000294
X-fe
025
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.010079
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000268
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003988
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.003671
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229153d7e8ba681f3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce37d2e9edf5f873416db%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229262adf067040b5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22579dea17-86d7-4459-87e4-969ba745ca0d%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.79%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f84051605f6d7b2b55d9e2f1c54f742139ffd382b4eb2846dd5faa7b6fae484

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3FYo2cySErwV70S88RPda%2BhAo3Avk9az2I1lzUS%2FZzPuL%2F1vXuGvcjz31zJZ9h1M8PCx6gud46IK9q5CMNx8FgFoDF52%2FUUvsMRjNugUizqp9u7%2BqUABx4zTr94bQ2TsOa%2F1YjL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79ba590dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000336
X-SpotX-Timing-SpotMarket
0.003265
X-SpotX-Timing-Page-Mux
0.000869
X-SpotX-Timing-Page-Require
0.000336
X-fe
110
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.006821
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003265
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001717
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2295c52eae15f5e5c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261d43e8d8f166e7a740fc074%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2296b067fb60f3082%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%227437436e-727a-4c99-8e56-efcdf5bedeeb%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53caf27cc62815e2c17f4dbf9eb6a364d81c020b79b9937afbf8234e2bbde7ee

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlFZQFfJUk7Wj4hZgdqf%2Bx4XviDeHpKwpzVIdh0IlFyxSQNPdbkxf4Ib9pdq4GnN0dVuXWw%2F4xhpUhF0od9Y3ZQ9BdZ0p7VGBeNN9a0Pr7Zp%2BO8LGYveAPm%2BkdO9Z8cfiuftkR02"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79ba890dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000324
X-SpotX-Timing-SpotMarket
0.003712
X-SpotX-Timing-Page-Mux
0.001004
X-SpotX-Timing-Page-Require
0.000540
X-fe
025
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.009420
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000382
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003712
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.003439
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229995a340eff60cd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261e001c58ce9e90212130518%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22100478277833535c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%229762d352-7f26-471a-aa2e-e2db1810dd7f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.22%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56c07e50cedb853a79aacc1667b70b1431a5aaaa118ce7ac89b0516c47ee536

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jIF7IYh3rTtAUZqDzOMwFNwE%2FCcgMCWL%2FHpX5ERN2XDEM5UaCAQnzp9WZbGTmYCI145TmjPu3VWk2jn5zgGovRF1dNT53XeHZ7EeWlE1yv4zig3n4NBPLyyZXfpXXDLjNbF8TOz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79bab90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22101689fd7757d123%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261bf200e9e4a132a353bbe77%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22102433586d850637%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22e760705d-dd4a-4ff9-95bb-802d78aff961%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.118%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4381fa3525322d7c4f8e1a6cf3dc595027902532d34f60e75ae7799f02fe84

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btGoqGvCrAVoQ8oxFAngIK124afmBQViiRlXSKwPSgc8xKtWLaA7uCxkDtmg1IpDtvB0nArdoXo%2FZZy0ZAotz6eSndZjk7bv1dgot0Uui112EfBMGkArYIrsh%2Bnjw9EleJsEGTNj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79bad90dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221033b00162154a49%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73b07fddb984f765c5604%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221043746769ee7b4e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ff3cd103-c96c-4da0-a1ae-999abda9299a%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88deb54d34e25c15913f3dfe142cee2e49eaa6150765256e2587429920b3e36

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdJeSjrEm84Nz4TDngaYNowEKqAXvYz8PYzNx7XoN0KgUxH01sk48OwCwh6mP%2BMxDgtTI7B7E6NBYQqkrDWzJ6C%2BIAoyVfr9KCd6VoSytkWPOS%2BZovORAGrHtMd9UQShTkxFxU7Q"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79bb190dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221051a09842c9fc57%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%2C%22page%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Ftrivia.braincandy.net%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22613f2554f291157aa138fd97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22106601ca89aa6991%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2273f3c9b7-a799-4919-880d-c2c687530876%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.89%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_HQI9uHrd%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b8111b-866e-46fb-a61c-17411a046eb7%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370d19704c5b60ab00c39eaadc7088f503a4d40ba9c7a4eaefa6a3db457a76e5

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 13:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3xWDnddvLeulitcfP7MTwFYIKYkmpC1kUSBqorSf9MOEnxoRJXwYRwO6IorFOEaD6Zfs0DTz%2BQRhkdBnrOgbBeKAHtZsRDalowZFiyEZDc3dKhD1QYbReEaax47%2FfBSfOe%2F7zY7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trivia.braincandy.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74990de79bb490dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 13:40:19 GMT
X-SpotX-Timing-Transform
0.000440
X-SpotX-Timing-SpotMarket
0.003917
X-SpotX-Timing-Page-Mux
0.000943
X-SpotX-Timing-Page-Require
0.000390
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.007549
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000380
Last-Modified
Mon, 12 Sep 2022 13:40:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003917
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://trivia.braincandy.net
X-SpotX-Timing-Page-Misc
0.001462
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 4D5A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 16:56:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5EB7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=3974309788351676&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4D5A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Yl6x7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:40:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=trivia.braincandy.net&rs=trivia.braincandy.net&sid=9619&t=1662990015&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1662990015432-982903183926-007218-003-006309&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=61639838801&d39=&d65=&apppkg=&cd1=sp_HQI9uHrd&cd2=Desktop&cd3=pitc&cd4=f46770ce-0b86-42fb-92f7-fa9a72fca111&cd5=Qin4yxWCqlLyU4_wQtD1H3cfAcsShhaRx53nqVa3kj5hxTepkL7OfMCGGmjpfrnY&cd6=stable&cd7=row1-column1&cd9=151404300&cd10=v21.6.0&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.10.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-10-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trivia.braincandy.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 13:40:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=3974309788351676&bg=!SkmlSQ3NAAZTikH4c4o7ACkAdvg8WipURykJgzhRaJO8B12ydN-P4o1abHaX4tbt-ijrEjx9I8FE1gIAAABnUgAAAAJoAQcKAIN07ri0MNeZl7YIIs6-JM9ScxAY_DBnxsd7mwWJ2xLXnkxmSxp0ubt6c9dsARTuVN7mD83GnzBqnjIF6ui20T_uuHByLa-NyNAIqqiWjexBdWfPrP7J_oapwunToYFJxSxgUTofFB04eutnZwG_35f6gDTumQfZKswYZEs12JqBeUwOsJkC1s7dyHv63qeT4QAw4hHHGiBftc8d0jkG6sSOOHK0ht95JckTXQul5r9pBVEmlK5XQfSAtTK4kbbl8-6xt5fSU5P9PElx8qhXlH6RogtZdqA7ecgs-3v4QFd6T1Il5u7uL-gAXi3ppv9JgIUJzb0HyB4GRlq0kvcq3OCTFSrAd6MKn_7RAW3zXYWdFSvi-YNJDhp1MYXsOEWwlagsamjFI35oWdzzqFPOx3yqgCsBoMtoj2oC18F6sVh-KeONg6iSOQuTEUp_Wy72y5znSWt7KxqT8t000kvw9ClIjl272oYJoNFcooMO0uuRyBiJTdmC9QoHcsvQe5uYdAgk6N3anQODncT40lxTumC_LKmANbCKWRJSZkNkWu9pP5mgmvca4CWlJr7wp6ELnwZnmjRZBWM8e6IW_TmQWx-CPK0uKXVlz4GLjiCgbVgbhtPXKUnUjIzZjW5nxt48zzrW_dIz1d0MtTEUeyG0PpCLSwmPSHbO1ZVpv6NHIJGt2DZIBmIJdzra-6_lxCt-vDZNWlrASbjFfsZCUzYtGOiVaP0L8rrO68KV2ZHOLCAxiBzzntMaRLXIj1WOhe64xGjTsOzPsGglB_pGazNfEWGaeUWJbegaLp2o8s6Ka0DFSezKHPDLC5oONLP8VKLqdN0EE2MKlvdZHY7bzzXFVJ8Hg8CwpODFZwz00d3vKuN0Stjo8qcmQlWQd0Obpd5uRc3bkw3nKOxZkKY27rKaMOgw4-8su45dGN6yacN_nB2200Tws_fY6v0HtNTKO0ljB6FWDMxqlqracq7wA7t0MpyVhr3qULSoTbf1wwq5dkvGngA22ZB-CaxAX7NvekxNiqP9bCZXy0VFlhWZDE_CMJw3LFo3UoVUcNECm5Ndvgo0-z3yKNeQPZ6TUIMtmt2Sb_yfHliKfibkqE6W_phoQtAhEPCFd_a9fn5tKkWw2-PkNvP7Oce9ENQd7LljIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trivia.braincandy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/all.js?hash=95732b727038a52517e32842875b4652

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| cID function| fbAsyncInit function| $ function| jQuery function| checkeu object| tude function| fbq function| _fbq function| obApi function| fb_share function| new_Share string| GoogleAnalyticsObject function| ga function| rrssbInit object| FB object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| LI object| __li__evt_bus object| liQ object| __buffer object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| jQuery111108927629368123917 object| tudeChunk object| pbjs object| _pbjsGlobals object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| __SPOTIM__ object| process object| __OPEN_WEB__ string| OW_AD_UNIT_TYPE string| __SPOTIM_PAGE_VIEW_ID__ object| regeneratorRuntime object| DD_LOGS function| _typeof2 function| __liSync boolean| google_measure_js_timing object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| SPOTIM function| owActionQueue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| webpackChunkads function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| avPlayer object| google_llp object| storageAni number| google_lpabyc object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms

107 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgUIBhCdEzIFCAoQnRMyBQgLEJ0TMgUIfhCdEzIGCIsBEJ0TMgUIeRCdEzIGCIEBEJ0TMgUIDBCdEzIJCP____8HEJ0T
.braincandy.net/ Name: _ga
Value: GA1.2.805242697.1662990013
.braincandy.net/ Name: _gid
Value: GA1.2.1269150827.1662990013
.braincandy.net/ Name: _gat
Value: 1
.braincandy.net/ Name: _li_dcdm_c
Value: .braincandy.net
.braincandy.net/ Name: _lc2_fpi
Value: caf62bed74b7--01gcryvm3td9gp2kbxw6syt5cn
.braincandy.net/ Name: _fbp
Value: fb.1.1662990012712.1970510093
trivia.braincandy.net/ Name: ASPSESSIONIDAWRQCRBD
Value: IPEAPNADHNPMIGEONNEGPJHC
.spot.im/ Name: device_uuid
Value: 74065e47-a5db-42d9-ab47-6dc32ccb66df
trivia.braincandy.net/ Name: outbrain_cid_fetch
Value: true
.liadm.com/ Name: lidid
Value: 864e37a3-6fe1-43b7-b25b-cffb3a9e4f25
trivia.braincandy.net/ Name: _liChk
Value: 0.9619550096357121
.doubleclick.net/ Name: IDE
Value: AHWqTUncdM-r3Hu4bMl9qRSFn1FJowsrbtvHoERyGkCTK_12rNLEZePba-A6cmkeHwE
trivia.braincandy.net/ Name: _dd_s
Value: logs=1&id=feff839c-ce03-4310-bbba-fa8d6426add1&created=1662990012677&expire=1662990913888
.mathtag.com/ Name: uuid
Value: e87a631f-36be-4f00-850a-dc03c98b21c5
.bidswitch.net/ Name: tuuid
Value: 0affba2d-acc5-4bae-b59c-7cce70a173a1
.bidswitch.net/ Name: c
Value: 1662990014
.bidswitch.net/ Name: tuuid_lu
Value: 1662990014
.braincandy.net/ Name: spotim_visitId
Value: {%22visitId%22:%2274065e47-a5db-42d9-ab47-6dc32ccb66df%22%2C%22creationDate%22:%222022-09-12T13:40:13.592Z%22%2C%22duration%22:1}
.demdex.net/ Name: demdex
Value: 72381674148779969430150512367849694544
.adnxs.com/ Name: uuid2
Value: 1191377105773987456
.addthis.com/ Name: na_id
Value: 2022091213401400010512923328
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 631f36bea316fb68
.addthis.com/ Name: ouid
Value: 631f36be00019519b8f4927f3190083a99b899c0df1bce252694
.dpm.demdex.net/ Name: dpm
Value: 72381674148779969430150512367849694544
.doubleclick.net/ Name: DSID
Value: NO_DATA
.spotxchange.com/ Name: audience
Value: 6e6770b4-32a0-11ed-ad81-1f6fc1870506
.dlx.addthis.com/ Name: na_sc_x
Value: 1
trivia.braincandy.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yahoo.com/ Name: A3
Value: d=AQABBL42H2MCEHb2gmbbNpC-X4CxOGd7S1IFEgEBAQGIIGMpYwAAAAAA_eMAAA&S=AQAAAkyIqDG82DmQ7LfutWo3vq4
.braincandy.net/ Name: _pubcid
Value: 20b8111b-866e-46fb-a61c-17411a046eb7
.spotim.market/ Name: a301276
Value: 6e6770b4-32a0-11ed-ad81-1f6fc1870506
.spotim.market/ Name: a290146
Value: y-eRJS4LdE2uFJaQcZAz.sSqbFbaTDWC5K~A
pool.admedo.com/ Name: tuuid
Value: d54074aa-82e6-4dad-b5e3-2a98cedd8acd
pool.admedo.com/ Name: c
Value: 1662990015
pool.admedo.com/ Name: tuuid_lu
Value: 1662990015
.analytics.yahoo.com/ Name: IDSYNC
Value: "18wk~274d:196m~274d"
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FTdUuBZHjtWp8KdtSjO6fy9W
.quantserve.com/ Name: mc
Value: 631f36bf-8515c-887ca-dfc60
.casalemedia.com/ Name: CMPS
Value: 1219
.openx.net/ Name: i
Value: 20b8111b-866e-46fb-a61c-17411a046eb7|1662990015
.rubiconproject.com/ Name: khaos
Value: L7YTBGBZ-M-KEIH
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ej4+JfwwtnFJQNb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK58zbdFv9uoJGbuW089p7C7mu13IJK7mJpdfcVCPkhNNMfhabQi3+krmSq0Z8vA2Pw==
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fcdd223b-098a-43f3-a065-8b6c1eea7a11-003%22%2C%22zdxidn%22%3A%222069.55%22%2C%22nxtrdr%22%3Afalse%7D
.innovid.com/ Name: uuid
Value: d3f21275-c278-4d85-bbcd-2729b8f5e05b-20220912 09:40:15
.spotim.market/ Name: a271858
Value: 1191377105773987456
.casalemedia.com/ Name: CMID
Value: Yx82v5ge6IqyhHPwa4qmSQAA
.casalemedia.com/ Name: CMPRO
Value: 1219
.aniview.com/ Name: aniC
Value:
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220912
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&bdafec56-1ef3-4947-83fa-c395dacf65f4"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjI5OTAwMTY7MjswMjG/MvN8MaXV8NRfSlnck/2qMDxypdq25fxMffwxou0Rrg==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2836:u=1:x=1:i=1662990016:t=1663076416:v=2:sig=AQFSQlt90W3JbzzAAWis4FMaTwTqOc1p"
.spotim.market/ Name: a734125
Value: $UID
.braincandy.net/ Name: __gads
Value: ID=4d0883c8da504b63:T=1662990013:S=ALNI_MYauG8SBQZK7XF-iasRH-ABOYPUoQ
.quantserve.com/ Name: d
Value: EDABEAGKJ4EK_fsQ
.spotim.market/ Name: a488792
Value: y-JaOfSTtE2uHppT2cX0WGcefNEcyr5xzlzq8v3yg-~A
.amazon-adsystem.com/ Name: ad-id
Value: A7PL5C034EYBpNZrLdEWA7g
.spotim.market/ Name: vmuid
Value: 85cd34a450e7cc1a
.acuityplatform.com/ Name: auid
Value: 692401733433
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQUw9Xge+mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFMPV4Hvo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.csync.loopme.me/ Name: viewer_token
Value: 2032ee11-ad24-4b35-83de-49d034da406f
.turn.com/ Name: uid
Value: 3108467037136096240
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjYyNDczMDcyMxXiM9S19A1xNLRwS0n3jTcCAIPii78lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjYyNDczMDcyMxXiM9S19A1xNLRwS0n3jTcCAIPii78lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZkaWlgYGhmYWwIAHoLdWoQAAAA
.simpli.fi/ Name: suid
Value: B200686F9F8B4C0988AD06A195C41F09
.w55c.net/ Name: wfivefivec
Value: ZtOSrDyf1OxJFC5
.adtelligent.com/ Name: vmuid
Value: b0ed34a450f7cc1a
.adtelligent.com/ Name: a323546
Value: Yx82v5ge6IqyhHPwa4qmSQAA&1219
beacon.lynx.cognitivlabs.com/ Name: UID
Value: dfc364dd-7eae-4624-8c0c-fa874c3378d3
beacon.lynx.cognitivlabs.com/ Name: ss
Value: O0i1%2FyVL7BCtlXobcHZCAOLRFfZMLEwxUuJJ6JZUR%2FitJ9BmszKCNaDGAadbSRj%2BDISlIsTCjhseOWenu%2BIu9A%3D%3D
.casalemedia.com/ Name: CMST
Value: Yx82v2MfNsEA
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMRUM3
Value: 41631f36c105a00&7b631f36c105a0&f1631f36c105a0&be631f36c005a0&03631f36c02760e87a631f-36be-4f00-850a-dc03c98b21c5&08631f36c12760dfc364dd-7eae-4624-8c0c-fa874c3378d3&27631f36bf0b40&28631f36c105a00&c4631f36c005a0&1f631f36c105a00&12631f36c105a0&39631f36c027605123196423217607265&0b631f36c105a0&1a631f36c005a0&58631f36c005a0&29631f36c005a0&98631f36c105a00&40631f36c105a0&2e631f36bf05a0&e6631f36c02760&05631f36c105a0&33631f36c105a0&18631f36c005a0&bc631f36c005a00&69631f36c005a00&9c631f36c105a00&0a631f36c02760692401733433&c3631f36c12760av-13ce7289-7330-4681-8d48-8418dde65352&04631f36c027603036409443098168304&82631f36c1a8c0&5a631f36c005a0&49631f36c105a0&0d631f36c105a0&51631f36c02760FbMzsBC2YLAOuDfnFuMv7hu3YbcO5GS1FbC1J_AU&11631f36c105a0&ce631f36c005a0&b0631f36bf05a00&2f631f36c12760ZtOSrDyf1OxJFC5&da631f36c12760&6f631f36c105a0&2d631f36c005a0CAESEMiNBVSTiAJoBYDxjOR3Vgo
.3lift.com/ Name: tluid
Value: 3930898199194138239850
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4971138841460341135
.owneriq.net/ Name: si
Value: Q7162764171194441788
.owneriq.net/ Name: p2
Value: cc
.company-target.com/ Name: tuuid_lu
Value: 1662990017
.company-target.com/ Name: tuuid
Value: 86bfd824-c6db-46af-882d-ecfef7071ee8
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fcdd223b-098a-43f3-a065-8b6c1eea7a11-003%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d8bccb26-fdb5-422c-59b4-47169ae55c3b.i5fkWVcb9ngiA1kyrGa34rRQwdnPvLLixiHS7mtxaIA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2LzLJv21QixZtEcWmuVcO1D_B2o.Pf9ShQ2AqUgAM%2F%2BJ6Oh7yu9Sm2BxYWyAEfsVTnbWem0
.eqads.com/ Name: EQUser
Value: UID=bb01bc0c-a965-4799-9926-7487f3cc433d
.criteo.com/ Name: uid
Value: 54990946-1b56-4b91-8a2d-3fc257f351b2
.awin1.com/ Name: awpv14098
Value: 412871|1662990018|70a8f2f0-32a0-11ed-9f3f-2232bdca291f
.casalemedia.com/ Name: CMTS
Value: 5146
.awin1.com/ Name: awpv11938
Value: 412871|1662990018|70b63960-32a0-11ed-a5a1-2235383f8385
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1662990018_70b63960-32a0-11ed-a5a1-2235383f8385%22%2C%22sp%22%3A%22awin%22%7D
trivia.braincandy.net/ Name: _lr_retry_request
Value: true
trivia.braincandy.net/ Name: _lr_env_src_ats
Value: false
trivia.braincandy.net/ Name: vmpbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-12T13%3A40%3A19%22%7D
.braincandy.net/ Name: cto_bidid
Value: 5lmAxF9aNnpBVTB1U0JpSXJvbzNmakEwMUczMnRxSGo1WHQ5Y3BVamV3VUMxeEFrMUw0SGgyYVo4cHRRQWRVUVplZkIxcmR0a1FtTWdRQ0xnYTZkU1JZd0tBTDMxMUd2WCUyRms3ZDlUVDd6QTFjNDdGQlJpZ0R6ayUyQlhZTzZCR2I0eFFjRUY
.braincandy.net/ Name: panoramaId_expiry
Value: 1663076419672
.braincandy.net/ Name: cto_bundle
Value: jZtsCV85bVViQVN1Y0ZHYkhSeGExT1FWY0xKMHNub096c1ZSMSUyQkFXNkQ4OURDZFklMkYwTU1vVEptVGRzOTlXUUUwRTlwSmFLYmpTNG1PZmVpVWdSeERQRkZPMWlJa0JodUlYJTJGUkM3QzdIaGdhU09QM2lZUFclMkZtMWdSZ2EyUExUV2VlT05oUlo0WlhjbXR4cUVhTlZkNkVvOUFFQSUzRCUzRA

22 Console Messages

Source Level URL
Text
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
other warning URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/14598595354590703952/index.html?v=b208246486'. The query component, including the '?', will be ignored.
other warning URL: https://cdn.ampproject.org/rtv/042208242209000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-omhdu&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_HQI9uHrd,1,,,&transactionId=fe171180-332e-4428-8978-2dbec9542e6d&floor=USD:8.375&referrer=https%3A%2F%2Ftrivia.braincandy.net%2F%3F038e28c5-news-template-&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://trivia.braincandy.net/playNew.asp?id=cfd78290-d421-43a7-aec7-71b7bed277bf&ia=nancyg15/038e28c5-news-template-&m=&c=3E038D
Message:
The resource https://static.ex.co/pb-story/production/ac72575c88872203f5f62796e0d08ccd00918093-2022-08-15-08-55-42/story-viewer.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1432
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a3442d857c7044240e6fcede8312fdc.safeframe.googlesyndication.com
3ea3ffc8a3eb1098e30fef410d745064.safeframe.googlesyndication.com
a5291.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
ajax.googleapis.com
amplify.outbrain.com
analytics.webgains.io
ap.lijit.com
api-2-0.spot.im
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b-code.liadm.com
b1h.zemanta.com
b1sync.zemanta.com
banner.congstar.de
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.indexww.com
cdn.track.production.webgains.team
cdn2.triviatoday.com
cloud1.braincandy.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
csync.loopme.me
d.adroll.com
di.rlcdn.com
direct-events-collector.spot.im
dn0qt3r0xannq.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
embed.ex.co
embed.playbuzz.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb.spotim.market
ghb1.adtelligent.com
ghb2.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
gw.geoedge.be
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
images.outbrainimg.com
img.ex.co
js-sec.indexww.com
launcher.spot.im
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mcdp-nydc1.outbrain.com
mug.criteo.com
mv.outbrain.com
nep.advangelists.com
netdna.bootstrapcdn.com
odb.outbrain.com
odr.mookie1.com
onetag-sys.com
p.deliveryapis.com
p.rfihub.com
p4dt2-980w2.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.ex.co
pixel.quantserve.com
pixel.rubiconproject.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prd-collector-platform.ex.co
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.deepintent.com
prebid.media.net
prod-rtb.ad4mat.net
publisher-assets.spot.im
px.ads.linkedin.com
px.owneriq.net
recirculation-cf.spot.im
recirculation.spot.im
rp.liadm.com
rp4.liadm.com
rtb.adentifi.com
rtb.adxpremium.services
rtb.openx.net
rumcdn.geoedge.be
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sli.braincandy.net
spot-im-d.openx.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static-de.ad4mat.net
static.criteo.net
static.ex.co
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
targeting.unrulymedia.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track.webgains.com
track1.aniview.com
trc.taboola.com
trends.revcontent.com
trivia.braincandy.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
connect.facebook.net
104.111.239.217
104.18.18.126
104.18.19.126
107.21.27.26
108.128.210.64
108.138.17.121
108.138.7.126
108.138.7.47
135.125.160.160
135.125.163.79
141.226.228.48
142.250.181.226
142.250.185.70
142.250.186.66
147.75.85.234
148.251.139.77
151.101.114.132
151.101.130.132
151.101.130.49
151.101.193.108
151.101.194.132
151.101.66.132
154.59.122.79
162.19.138.118
169.197.150.8
169.50.137.182
178.250.0.165
178.250.2.146
18.132.138.70
18.203.72.119
18.210.127.151
18.213.85.80
18.233.196.70
18.66.112.59
18.66.122.119
18.66.147.59
18.66.147.98
18.66.97.91
185.170.61.232
185.183.112.148
185.184.8.90
185.255.84.151
185.29.134.248
185.86.137.108
185.94.180.123
185.94.180.125
192.132.33.46
193.0.160.128
198.47.127.19
198.47.127.22
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
213.19.147.43
213.19.147.44
216.52.2.30
23.205.235.133
23.35.229.181
23.35.236.201
23.35.236.247
23.35.237.86
23.36.162.73
23.36.163.232
23.75.240.210
23.75.246.168
2600:1901:0:76b9::
2600:1f18:612b:4216:db47:8d93:ff67:39f9
2600:1f18:730:b130:1296:7358:4f0d:4115
2600:1f18:ed:550a:412e:4f1e:a01:51cb
2600:9000:223c:b800:8:8845:1500:93a1
2600:9000:225e:a400:19:b6f1:d180:93a1
2600:9000:2491:9a00:4:b37b:9440:93a1
2602:803:c003:200::61
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700::6812:bcf
2606:4700::6812:d4c
2606:4700::6813:ac6c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2006
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400e:80f::200a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:3500:18::1724:a297
2a02:26f0:3500:58c::2c79
2a02:fa8:8806:12::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:d29:3601:1c03:949a:3875:f724
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
2a0c:5c81:5142::2
2a0c:5c81:5149:0:c634:6bff:fefd:5008
3.120.95.199
3.121.253.223
3.126.56.137
3.127.45.54
3.224.43.174
3.67.157.21
3.8.108.133
34.107.148.139
34.120.133.55
34.199.10.63
34.241.100.149
34.95.81.168
34.96.71.22
34.98.67.61
35.186.253.211
35.210.53.219
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.23
37.157.6.246
37.252.172.249
37.252.172.250
45.133.44.3
45.133.44.4
50.31.142.223
50.31.142.255
51.89.9.251
52.20.76.38
52.205.37.96
52.213.154.120
52.222.209.55
52.46.130.91
52.86.113.127
54.165.142.21
54.175.105.5
54.194.161.205
54.225.153.167
54.236.193.228
54.239.38.253
62.149.1.122
63.251.232.165
66.155.71.150
67.229.238.21
67.229.238.34
67.229.238.36
69.173.144.139
69.173.144.165
69.192.160.219
70.42.32.63
76.223.111.18
8.43.72.98
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0437e047ca262384c6e55620068fc84ec7f6ca82110379f9f3e7843b3847543d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081f13b2eccdffdb18a009c42c29b708a3880dbbfe60a3d42eee84e542c3393e
0862d6495c41366fb50155eb643b1dccdaeee7ccd7fb0dee56c7eafa9f7cdcae
088ec1b89dcdbf71ea615451256bbd204ac3a7e9fb642d0187f7e8f9be6fe4b1
090aef5c007efe6806ee11771471bd31abdea8d750f936efc52dacc7823571fa
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09a7dee77d90a4b39ac83749fec79d85580ed38cd2f587da8d754344e2814483
0a1dc7ee815a2486c665e15ce92d01fb3491abec7a8556b84bbe8c4ccc7b83cd
0a929e8aabf13ddabcd616960df43759c60ae4e454153b79f684823e27ea1445
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
0d72315407e441febbb774ffad89110d740f811d989925c581d97be77546783c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dc4d3fd9ddab5af37d82b31bad8992e3ce3b7b1c9ffc4d03360f23d42d00dee
0e7d652dfec62ad3d633e84e42d02d82fe477378939481176ebc86dda527f8b6
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
104835e6a7e3eaeb7b2e3d5f887de51929392fdf5cc1c7533859ec75ee04bf29
1084b05873cce3d3ad25480f1dfd25c72fc7d60cec07a65c7e3cc927ecfac6ba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14fdacc4d72204078f2a729fce24e7ed33f8b428b15f057914b8dc33eb165003
15cf6aeebf1486f940ea6be271906e3263b8fbfb8f8cbffb7d0993b0d26f2a77
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b146af9c12f627e217d087ca160f6c98cd9ef8de8746a794ff24db8c7f3fe46
1ba3af4b667c225a7575fe87388ac82e7ff5cdbcb801ed436755776984f67cb8
1bb7aa64dcbc91767d034c02fdb2443dfeffb3c0b69b16b9cd738836de5db3fa
1bde0739533db7cabc60dab10898157099b7ad27d7858f6dea1a39dda7017d60
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d85c50abc681bdebd98eab3bbb32355918b6df277fd41f5f3a7cb495cbd0364
20580a61a964c3bcd0931657fd4b9f448f3801e02a57bcbdcd4da5dc22fbdf28
22200c292060dcd6dbba8ba1ca1f2546a32968b01a02410fc1c5545b7a25a1ad
246f756556a838ecd33add27fd3b5f5dbf785c4b93d9063ea48d4a01ba7b8056
2492b6989d3281cfa10835776902bc8bbbd4bc2c99534741809e92013cf2b097
24bc6b895d142f835b6a01526f626d6a2be1243456da05cc3072b4e0c890e2d0
251a24407beb3bfc649631724b942dd7f80eb99c9b4fea818a9fa1ef95871f05
2530553fb7c0ab7de8d90007bfbf254a3bafeecef1184f32b2efc73f00ca862e
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
25bfc4c32a75641ce91bc561de2f56bbf7ad94b0daf238e23473f47ec8540826
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28041d112c6b068f45f98dabea96f22742a5c7984486cb5dd8a7c13243dac909
297a79b6cb99f15d6eebd55fbf7df42e0ad160b27d30004a46b6cebc0ba69323
29c3784f5878defef556daefe26bcfe64243a80cc7abce7586daa46c85b110d7
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cf8f38169b7cdf62621a4d7c98224d425da2b0e4ffc608a7d5104cb52b6669d
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2debb0d06878f7b3d197eed8e71e70c33fd74bfd730fa4dd84328fed1d1cd64b
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
370d19704c5b60ab00c39eaadc7088f503a4d40ba9c7a4eaefa6a3db457a76e5
374f15f22383af668c554546f48156e75868fd6dd55ecb2549f223515801d8b4
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
38345a504518dcad2b30eafdf92d5eec960035c715a759effd6e5ae557d8b91c
3910c68ffb5d3d3232bb2af0230b347ade3c3cc18cda7e12326fd93e3e8dcde8
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
3ba33ddcb2477f8f4f7ac1078e8ddb44d9ed23133986c0a1a38a0e12c8cf8105
3c1087b4830128473386303a048e0353e5bb541a7e3f15ad246fa10362a08f20
3cc946d218eb2b241e5f48c6106a096ee8517edd6e0db48d2cb3e72aff98275d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d84024c5ff50153c1f52930a619cd204f7c6ea2f166529dad57a5e64a1ba588
3dca1ff1862018cc61514feae48f711ab043116408134ec162192a5e43e91d53
3e8ec0ca8d5420870f1be10a5c2cb35029c697c411601ea0e008bb9a8b6d6f82
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3f2c719c60b82b068864f566a0dfa0ac17fe72059cd471985e799604721439d9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409663c72651a721fdd24d5b2be998d26b40474b8ae3a2f937495f73fd8abeac
41259c874b7f0bce9a2d007e76a2360f68ad1c5ba093116c67229a1762295acb
419c68f6e4e9cdb3742265fca3d7daab97bdae7eed5fd4b6cc6bef6ffdcd6859
41f83af35d53822b023c12afa4579553de771d9f897f8ddde02c2a88a3419a0b
4255b3b2292ee9a54d879db6f9ef512554216f581f3eca574291fbc2073a07eb
42971bdca2699d7b09ce6538f929c5a8f0bdc048896e0fbf75e48c0ec0b4433e
433be291f1ea19d280d86ce81164f98d1815e48c568a1e8e140f3f367656ead5
43a56f7425c0c4274da9f324fbf4b81d0fcc5943d83c4d7d964aa055655786cc
44d964dbdd7441d109c2b76c9533394b5c67dc5ab4b8a59b2fd4913b13f14da0
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a68501dc91b163ceee7d21567464e6a60a7b645799b4b4f35284af7cfb7155
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b540c14143da2c8c40e67b767c9821a8900fee46616a37bd89f18ea9b60e8f2
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
4eb5744d7fb3f2db60096437cbff8f1f4c02007964597597c7e056124970f165
4ecce3f138b6ec4cb899f33e391461a730b4f540999657352b350e7a237fc87d
4f23f22d0f513eb93d8995f7ef62e7bd1132b69d7e94486640489f3295a589ea
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f5981f2a60d66e9d1805c3d8c73f00bb3200f6722e841d8bc414698a68e7845
503ae94cf4f406a2527ecc3b35d9491190a7472e53a9c3284d16cb96532c73a1
50ecd4d45ef347c2f95cb2515f51c456ec25487c693ed2a83b8379044ecf9c96
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
51c400482c1bc05ee87f4c011ef47ee7333b26680c582d6229368792f03d6376
536fcf2cf7189f8b290d1a210865b1e309993226317317b1c6d3f19a76d79d3b
53caf27cc62815e2c17f4dbf9eb6a364d81c020b79b9937afbf8234e2bbde7ee
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55810f9e73b427e872cdae62ffe3ab1b87a367ab596349dba3477369cf498fd5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563573badd86b43fcb69151bfc0b244fea273c0431945414ae6a63a9a51e2dea
5695c61250ed1ed58077beeca4118dfd05b8d66ee6703619067dafae787119ed
57ad0f4ae4e278ad7a23f15ef3d0a12c7c38bfb782b00dfe69b34989a990ba76
57bba5d7803aa6358db04165a12bd94996c75349d8ec969c3b61b680fe8b5c7d
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5b835f80c6edd51acded4391e54cabe377799ebffb04b060c1a6db32f2d4a113
5b899b906cc5717ed8a3d0f42ac8290cf9a08f48640bf55c6d173b4a5c396230
5b8a8db63644026156e675e1ff7281d7bab273f2e713472d6927835b24f1e64c
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d5cc2808f0a99369d3a6934a1fa44e87071d24133995e9f1eb9a9a65a6c37eb
5daf28f99af0af761541729c8b12b5232b61f9f78d4cf6cae0b7a282dc9b5107
5ef7c85c7ec5bba7fb1068854634b3210ef1c0af3fea23f167e0b84b8d419688
60275c496520813fecceb945d035d6e1188709ba1ee394d97aae6529f814e880
60bf9149b5fac18b8c69ed4333189a98a39bf094faa5032f7e95dd91e571494b
611da474032a9f204ff9718f16a17c751d663a04e636351da0e83b133dc89759
615c7540215ad8e7fc6c9e6591774c00625719fc9de62acac0bb2fcdfee6fbec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62258687fc3580d55992b36e63209bbeef5c40197ac00526dc4c131efc3233e9
62285f059fd0ccf0b56ba8cfad55dd5a4e1b6f17475d70471236383a294720ed
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
639c2f332ee06b267c5953d550c63f73c493f55b8a76660a74dfbda29a0c0af4
63fe0e8f1173c02d56f90ff65606fa25f7fd8dee8ede033819e9f1cfad520f96
63ff673881cd46862c43f1b8db153f5fb733ddee417980c8c0985fa44b9553aa
641d072a7f3d83a82893d6282ab96dc4b45e94445d5c8da5d1eb23482c8d8701
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee
6728a0ce89e4654e589280a209df5c1d5c8a690bca4a720b79df7255560d118a
676273f78c354de2f0c23f889c03fedf0a51b4d055b1099bf5f79e6a5ff170cf
6860711cd1d404b5deadc7c56fa8d4fc1f268100f02b049df785758209f98daa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c27b3f42c35a124e99cd62bb62cb094783a5854b2d147d6443e5a97b2da93ed
72aaba90d6c4409be1a0fc7c47f24602a9e480ec2ae2a157f5fbb1d652d7f015
740eb48c82f04a10dbeab1b6a04d7f3fb2f9f918820b56854c775f67ce1b5747
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
757890353064d66b81ba671ab1a358aad4b5afe0d5359c183408b441d345306c
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
75e25223624197e7951c54febf36fc4d730ad56a802fb3bdfb4f9e13041fdd41
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8
76fc9a956463efae8c67c92c11cb2d5a464e51474171880376b466220bd1684d
7856b9607da17737058aaeae43fff34056d8609a2d05ce8a9b9bc327fdd64adc
7a0b8c3cd2d1fb1e591275c4fbbd4c2c85c3a836501b7073713305a23ec09225
7b03b07e58ab82280a7a2ae309c75307c45f7764d1d989dc4ae8923822f7586e
7bd17c52a66c6beff018fe4615c23babe7b123d60c70a6e0c9a14e447c2061e5
7cdd4103c3b736e943a69e3b41e4b0ef4f9f0192ec2cf9cb1aa0767f25789fd5
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7d33ecd7c4e2bdf9821312b4a439e6394c3b6c954944c7628ec0ad6171ccfcb0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dde78f2de8d932b89c32fb311c62ae70b523802bd25364b622dd63ad42d865b
7f1f89da2c6664a007a0154ef5754307dc935d4d41027b42de9fe8372eff52f7
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe53c46be28ba06f3f379097a1bf6dfab29d6d9352cc9a8e9565bd9b0e50ffd
801686257b6c40d5ddc142052b4606aa66f470ea4b4ff7fa5e93d4f43aa06bcd
81cd17fec2090468dc4b4951f4534887e0dc7c29683908b10a6976ac68908114
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84263808fbb6a72b04085b32f0201bdb4270bfa354f35ffe6f3e92b29ff5cfc2
84905f1628abdd236b5959431738bbf87ea06ac93b8246d067915dda2a451827
84c1ead1a81d0c51ad7db7f35d8d0abb878a1405b58e0969987f01801dd17567
857ee0f5aca402719b5ddcfcfca309b165ec1b93d41c91e290816ea4503789c3
85fdfd97247aa0bee66b904cdd23dc9c4329d9fdf606992b6060b68976aff653
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
88a93888895f2e40b27d8c4436100eff94ecfec917a8709ed2c28429293698d6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af74365f3272e5184cdcbfa45f9752961e1a3204f947c7f9b18f065499e7758
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8c035df23b10de005375f2a45884bb0602cd061917b0eaeb62fc230ff7604e7c
8c8ad595759bdc0d5fc82ebca19d1b5cb9a6729f608742a95e7c5a5de185cb15
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d77272e667edbd250940ee04a90ca18c05443eb72775e1b19c9999b57983226
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f84051605f6d7b2b55d9e2f1c54f742139ffd382b4eb2846dd5faa7b6fae484
907bfac2298aa2efc9fc9a3bdfd496d0244fb41c1a8300e8a6cc2ea300631744
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
931d6f3803d21ee4dad6d86b6cc9f46fc95192e6473e1a62c56cbf0beab95b94
94a06f5d67261e40bcc0bbc986b220c4cb4e94670daba28134dffb693a2d2d23
955dd29d714b46f273dd5068e324b3e073d9a107af78c09220fff645f84a9fbb
95b1af42c75126f98bdbb0db5fab30be396912a83756d2d5c2e080febf967a60
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
97b239e181c48a77934feb7b45717c7ec05b34a2d5425af4ee091afe0d7e9642
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98e6252ad08681bf665de8219a60fdcdc38695c2a7cc0c6f0627a94180184ac2
98e8e19b10d9a7d45f65f24f1d9e85fb858620bec2ecfa57ef7910ce834dced6
99dfd2be60250512f0f146a60168f47a8a50bedef2f2b689334332df9b270584
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8dc8954faa968b7146daf7e692162656ab13b220428bbcd342b66b412ae5a0
9c4381fa3525322d7c4f8e1a6cf3dc595027902532d34f60e75ae7799f02fe84
9d472ebfd9cc90f8403602655a84c9be01903b533905b684cd9befb963d50061
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ee99d8fd2f093eefce822a202e9e07b0f3871a8305eb4469e117796bc537fb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecd095f8a19c92fa14f3bb99445ea27be76a28d9ce12d4dd58fcb6971b8b36
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88deb54d34e25c15913f3dfe142cee2e49eaa6150765256e2587429920b3e36
aa16713bea8bbae770dd8c26feaeea266536c4e8f25923e4d869ced50054c377
aa50a5770487f2083cc414c9ff8d33d145b0d365d6fc43e5ce18cbb7404ff0a2
aa9f479359a20ae1f4635dc557035f51d65f2e520055550d4c250cfc53c5b304
ab36df09cb5e25b01598ac72018804e6b45a1f58f5fd6c03c5e19f8803d17d67
aca510c3db2d0eadf2639bcbc0cadc9deddb490e167d476539a79bbd9c1db860
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ade1d98683ce976187ff43bc00b95c9d25017ecb7fadd7ff855703f4321f37cc
ae4d6ab32051aa7690f4e8aadb1f61d63384855b0903493fd8b129a2d66262a3
ae714a96a90cb96d9571e73e9b0b7a5ef1fc835930c0c5aca5eeadff150097ae
afbc0bb68808c8e6007ee5269d25ff647c0316bfc07dec173b70bbcd94909f8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4238fce65430ce1851ded4b19658654d53a08095b6c2a282d0f8f3fe41f60a7
b4b752b1a9d24398c9db6bc0945e622d2f231e2c11132ebd012e6a4510e3f062
b5603fde15c2e2b1c5ccf03575ed0bb31b89659c5c765bd741ef6dbee7d09129
b56fd696829dfb589af4ec9a6159bd0a5bb202ef1d02c5690209a853fa72a73b
b61ae15b53da89093a356ffab7d3b6e62522928e60b739bfef23ca46161cb84a
b6713646122b93a69a743cf9816f977943d2e2d3d4010c27e3174a64008aab1a
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
b9e2ab6e171ba702177b97049b8d02bcf9ed9f819d3d2bb55b2e6e3473849ee9
ba78cef1f8f96f8c8b0af8a19c839ef333dfb767ecf4e4bb7053d933d0a6d8e3
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5ea6ea207d004879bf609754899016c502e09ca1868aea8e6f9fb09eb4ff55
bbf703c7e289a5c9b67e01ffa0d69dbffcaf451da43c98deabfc27bf945af16a
bbffd580913c0d2908c6bb95e3efba94c3314b45a5504729b9170ea27a976521
bc029c3e04b018d13bdd586f31c9ea1ea3cdfa2cd4820b280d76226395ad105f
bfe3e23a6bad96eb6c7a1032c88a4a445bde098403ce1aa4f82b336aa4081b98
c01923022a02b6df39f59f53422cab02ed0709477d7c8778b5dff002e5f43490
c0f3aafb5879031f2a79664f7d6dd36fca8df9fc4fec2c09fbbfa3cb9a53d0e2
c12f7a57e5d868832ea4fd936bccb4bf911b0c3fafb75e4179805ccbd2a7593c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c450d31f38572a61737677524043711fb9695e77e28ec72c60a88089e05d4ae9
c56c07e50cedb853a79aacc1667b70b1431a5aaaa118ce7ac89b0516c47ee536
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c81e46ec29f04dd5f649c435a146e58114059537a62790af29f621096026671a
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
c87737f8f3544a5b8cc1fd97de242389c93b97313befb516107b78837fbe69f4
c8d34b869ee356962376c3d8fba5f8e122690ad081c3ca3af14900803828c76e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbe847d591e7356d9c105010dfa654d7a4b9651fc37bf6bbfa7a93cb49b60c5b
cda144ffa4f3534c4de92d849f94fac3e6660515e419e096f874d8abc8570069
cdd136e36bcf38f0a7fa2eb8e3856efcdc034d868ba5096b00a201f854066dcd
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf77a1fa2302f84eda2e622959e0ba7e78ad3355af7fb2d6b3645d767c039c43
cfc6e382bd6e727612a2f4c8ca6f88651961040440d52aaac8f51b127bee6f57
d0155673a6ca77fd823260e3e3a2a34c3a93acb4b0c5740a3d24a877c7f4cda4
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3f5d2edb1d7efe3e24417b3a48999d2090f8b7cab6a0f773e4075b33122de03
d6a7ac03dedb9826e0bba14684f3bfc1f7236cae3cec9805a0b80a57afbb3a10
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9ec8c005f43b38c752fe12b8c903f34857b6c535ad4b8abb7e418c2a7a7503f
dc6bf5d76ccea6eb68a5b23b04d0f7e4feeeeef5c9a59f550b0033ef7b97a5b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de70a04a5d7cb5c39a1e0f73d2aae9d96e636115013bccb2265a4071db128b18
df43f25b72d8a8b755e2dd929f8752eb0fe183400b6c11b85b24470a1f96ea3a
e05f4ab5c82e9399056e647d165e39e5e95a0221a3f2611567f1c51136831ee1
e2624ff8defd3b931d1e290b7e4293f02136e266e6dbfd0b23d287492867b665
e31089f4bfef3979c0f08d78927782510af1bfae3843bee057d14c574f4f261f
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e379fd77a44dfaea8c4424cb282ca9f808c09a1e503bf4259ff6f7d389d9e304
e37e6fd1355bc6fe818d1c117bdaadd3fad30e6bbd004efe9ee9d35aa5713983
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c2450355d0b009eea21c4563b7fa16cde374306cfad5dff4604910a2f19ab3
e6202197a142b51fe27e61415df4301c0d93830864b2c2c55326d41232facce9
e657569f1ab3e35fec79a09563b584e2500481969f6e6408667d717fbf530058
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
e7467ead4dd9312d3d831668efb678d459bc0a7edf1d38ce1062b3a07036ca0d
e885d00b39c11891f2ec661202de7044d5604927ed763d18fddafdeb42e76215
e926af9df186643bac4482a91e41631722921a7a73c8c32a73635fd61bef7a56
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
eb7bcac0e12fb4b6679bbd1fb505428016f47cc13895166c6d236999ee22215e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec598b3ed8e6939ae87872e14395bea3da18043e2509725c78b967acfd6ad807
ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb
ed95b8cb612512892d20c9fd9c4b0712a424c9620ef24aec92771648e17ee512
ee96bb6aea84e17b4b9b02d725c2af85fc5b71f599bc7e342ba2cc53fc84b9c4
eef5f64d88f9fa535fb33cd8fd875201dbab8292f300d9998a06ae49616863c7
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef203f9058602086c01a81b2ac4dabd3c68eed1b7ef6138176347f9e04aebb1e
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2ec5d3be4e566baddc13d90fd5507d236446307ce4117ae1f46d66f14addaee
f3de469d8bb23d0e10e177b2f333d4014b67efc21fa7636670401f2866e4c537
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa659c7c45d49f2417829001a787e1078f0b78298e06bf287c71458800673c25
fd53f198a259cd008a68fc5dbf189fdbfd4e8a347514b7e9a8daa19f6d940529
fdaa62cbd76ab7c29852340640d2813f801ede9fac08a8bc0c4f092fd099e642
ff5c518de325451524ec95eed103df6fac29829739a25596be6c3e492043cf3a