www.inswaves.com Open in urlscan Pro
2606:4700:4400::ac40:9ae5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7Ufin...
Effective URL:
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?u...
Submission: On May 19 via api (May 19th 2022, 5:13:18 am UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 14 domains to perform 99 HTTP transactions. The main IP is 2606:4700:4400::ac40:9ae5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.inswaves.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 7th 2021. Valid for: a year.

This is the only time www.inswaves.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1 1	2606:4700:440... 2606:4700:4400::6812:21e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:440... 2606:4700:4400::ac40:9ae5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
99	23

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

paid.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.instarwaves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::ac40:9ae5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.inswaves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	446 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	134 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com	149 KB
9	inswaves.com www.inswaves.com	199 KB
6	outbrain.com paid.outbrain.com — Cisco Umbrella Rank: 8084 amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com — Cisco Umbrella Rank: 2072	6 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 ajax.googleapis.com — Cisco Umbrella Rank: 295	34 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	166 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7678 www.google.de — Cisco Umbrella Rank: 5483	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	71 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	645 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1727	1 KB
1	instarwaves.com 1 redirects www.instarwaves.com — Cisco Umbrella Rank: 797919	525 B
99	14

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.inswaves.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net paid.outbrain.com
9	www.inswaves.com	paid.outbrain.com www.inswaves.com
7	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	tr.outbrain.com	www.inswaves.com
4	fonts.googleapis.com	www.inswaves.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects www.inswaves.com tpc.googlesyndication.com
2	p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.inswaves.com
1	www.google.de	www.inswaves.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	amplify.outbrain.com	www.inswaves.com
1	secure.gravatar.com	www.inswaves.com
1	ajax.googleapis.com	www.inswaves.com
1	www.instarwaves.com	1 redirects
1	paid.outbrain.com
99	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Frame ID: 02D85806602D66614DCC42F49B20F592
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html
Frame ID: 0DCE400DCA3969FD7C469F7CAE0ECC20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191916&bpp=5&bdt=298&idt=106&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=6271357855242&frm=20&pv=2&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JwrtJ9fWML&p=https%3A//www.inswaves.com&dtd=129
Frame ID: E96E45CB765D3D26CCB0E94930CCB773
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191922&bpp=1&bdt=304&idt=142&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXDMJzuxFD&p=https%3A//www.inswaves.com&dtd=146
Frame ID: E4A31FDFA68DDEF6E322C838AD312E33
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191923&bpp=1&bdt=305&idt=150&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=O39tUbzvek&p=https%3A//www.inswaves.com&dtd=154
Frame ID: 1F73C07E5F2D5DA8BD377B3E5D2CBC55
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&adk=1812271804&adf=3025194257&lmt=1652671981&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191937&bpp=1&bdt=319&idt=145&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=152
Frame ID: E5AF4CB906296445ACEE587E6A0FFA56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: 9BE2A7D32FC7E46AAF14289213D9708B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Frame ID: 872386AD663264D1C07FAC1B968175E2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 773EC6A92B62D5AF9AA846C433FE95BD
Requests: 2 HTTP requests in this frame

Frame: https://p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 1C9FB2035524BF02C5BA8191982A1512
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: B1B24004190215F954C4FCEADB454E4E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: D856D256C374EF3CB2A7649FEC396787
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: 64139B831E202A23113ACD1F473A0838
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01CA21D33DF4393052204FE2832BFD51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F76DB5E20CA9B29E1562CCCB1171E45E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

50 Celebs With Their Parents And Grandparents Who Inherited More Than Good Looks - Inswaves

Page URL History Show full URLs

http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwX... Page URL
https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-... HTTP 301
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

99 %
HTTPS

78 %
IPv6

14
Domains

23
Subdomains

23
IPs

5
Countries

1231 kB
Transfer

3096 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zhf1n0ot8Wec56ssiRYiGBE7QaSc9QBay0gWGACoy7OdU9pgNhOf6_dBoIJzEgPpqL-eFalQgvcAJ2uSkTHNvMBjqOEqdaAwKx9y1fY5-ZdDeSCYgqqCXtZKhTrp9gX6Wqy_pidFdkMqPOdPO2dXHxKyw0ULvA3nKAlK5Qp0JIdD7qolTZPjUCeVGx_2Ym-eYY6lOHjS-H3IToIEtiKU6IU&c=5937dc84&v=3 Page URL
https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true HTTP 301
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

99 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK redir
paid.outbrain.com/network/ 2 KB
1 KB 133ms
108ms Document
text/html 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zhf1n0ot8Wec56ssiRYiGBE7QaSc9QBay0gWGACoy7OdU9pgNhOf6_dBoIJzEgPpqL-eFalQgvcAJ2uSkTHNvMBjqOEqdaAwKx9y1fY5-ZdDeSCYgqqCXtZKhTrp9gX6Wqy_pidFdkMqPOdPO2dXHxKyw0ULvA3nKAlK5Qp0JIdD7qolTZPjUCeVGx_2Ym-eYY6lOHjS-H3IToIEtiKU6IU&c=5937dc84&v=3
Protocol: HTTP/1.1
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 584
Content-Type: text/html;charset=utf-8
Date: Thu, 19 May 2022 05:13:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Pragma: no-cache
Traffic-Path: NYDC1, LGA, HHN, Europe1
Vary: Accept-Encoding, User-Agent
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Served-By: cache-lga21980-LGA, cache-hhn4041-HHN
X-Timer: S1652937191.051914,VS0,VE89
X-TraceId: d45be424cc6fe259a38b15bcdfba3763

GET
H2

200

Primary Request / Show response
www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/
Redirect Chain

https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=0...
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f...

29 KB
8 KB

99ms
52ms

Document
text/html

2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Requested by: Host: paid.outbrain.com
URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zhf1n0ot8Wec56ssiRYiGBE7QaSc9QBay0gWGACoy7OdU9pgNhOf6_dBoIJzEgPpqL-eFalQgvcAJ2uSkTHNvMBjqOEqdaAwKx9y1fY5-ZdDeSCYgqqCXtZKhTrp9gX6Wqy_pidFdkMqPOdPO2dXHxKyw0ULvA3nKAlK5Qp0JIdD7qolTZPjUCeVGx_2Ym-eYY6lOHjS-H3IToIEtiKU6IU&c=5937dc84&v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125a8dc10ab58283f31910ebd4ab77b0d95b2e4ea865a72161c06bc3176eb654

Request headers

Referer: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zhf1n0ot8Wec56ssiRYiGBE7QaSc9QBay0gWGACoy7OdU9pgNhOf6_dBoIJzEgPpqL-eFalQgvcAJ2uSkTHNvMBjqOEqdaAwKx9y1fY5-ZdDeSCYgqqCXtZKhTrp9gX6Wqy_pidFdkMqPOdPO2dXHxKyw0ULvA3nKAlK5Qp0JIdD7qolTZPjUCeVGx_2Ym-eYY6lOHjS-H3IToIEtiKU6IU&c=5937dc84&v=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 265210
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 70da5785af2168fe-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 05:13:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 May 2022 09:13:11 GMT
last-modified: Mon, 16 May 2022 03:33:01 GMT
link: <https://www.inswaves.com/?p=9066>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-pingback: https://www.inswaves.com/xmlrpc.php

Redirect headers

cache-control: max-age=3600
cf-ray: 70da5785295f90b2-FRA
date: Thu, 19 May 2022 05:13:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 May 2022 06:13:11 GMT
location: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 03:14:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 05:13:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 05:13:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 23:29:20 GMT

GET
H2 200 autoptimize_c10820338f687ce4f7648d0c768c4550.css
www.inswaves.com/wp-content/cache/autoptimize/css/ 197 KB
35 KB 33ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/css/autoptimize_c10820338f687ce4f7648d0c768c4550.css
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e24a41622f839d43be586061da2971abaecfee51e324dc16573363dce6ab1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 05:42:03 GMT
server: cloudflare
age: 97733
cf-polished: origSize=202449
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 09 May 2023 05:13:11 GMT
cache-control: public, max-age=30672000
cf-ray: 70da5787ca1868fe-FRA
cf-bgj: minify

GET
H2 200 autoptimize_b6c6357df97615cbf9cc51f79364d686.css
www.inswaves.com/wp-content/cache/autoptimize/css/ 849 B
462 B 28ms
27ms Stylesheet
text/css 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/css/autoptimize_b6c6357df97615cbf9cc51f79364d686.css
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 06:32:06 GMT
server: cloudflare
age: 345238
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 09 May 2023 05:13:11 GMT
cache-control: public, max-age=30672000
cf-ray: 70da5787ca1c68fe-FRA
cf-bgj: minify

GET
H2 200 jquery-3.3.1.min.js Show response
www.inswaves.com/wp-content/plugins/jquery-updater/js/ 85 KB
31 KB 33ms
33ms Script
application/javascript 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/plugins/jquery-updater/js/jquery-3.3.1.min.js?ver=3.3.1
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 03:58:33 GMT
server: cloudflare
age: 345239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70da5787ca2168fe-FRA
expires: Thu, 19 May 2022 09:13:11 GMT

GET
H2 200 autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js Show response
www.inswaves.com/wp-content/cache/autoptimize/js/ 14 B
109 B 52ms
51ms Script
application/javascript 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/js/autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js?ver=4.9.20+2.4.20
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 03:05:30 GMT
server: cloudflare
age: 97732
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 09 May 2023 05:13:11 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70da5787ca2368fe-FRA
content-length: 14
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
38 KB 104ms
54ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146914112-38

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2a85dbed68a62645178a6bcffd5c9e01b293d29f90b2bd8245605f3bb7ab41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39169
x-xss-protection: 0
last-modified: Thu, 19 May 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 05:13:11 GMT

GET
H2 200 inswaves.jpg
www.inswaves.com/wp-content/uploads/2021/12/ 10 KB
11 KB 35ms
35ms Image
image/webp 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inswaves.com/wp-content/uploads/2021/12/inswaves.jpg
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eec556c74dcaa309bb1a3a3e89a6da161c6760eff98fcc90984ba16a6b4900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
cf-cache-status: HIT
age: 31528
cf-polished: qual=85, origFmt=jpeg, origSize=22091
last-modified: Wed, 08 Dec 2021 06:08:35 GMT
content-disposition: inline; filename="inswaves.webp"
content-length: 10720
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70da57885ada68fe-FRA
expires: Thu, 19 May 2022 09:13:11 GMT

GET
H2 200 b5e36c09656b62c623209fff2aa43339
secure.gravatar.com/avatar/ 1 KB
1 KB 71ms
19ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b5e36c09656b62c623209fff2aa43339?s=50&d=mm&r=g
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 19 May 2022 05:13:11 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b5e36c09656b62c623209fff2aa43339.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b5e36c09656b62c623209fff2aa43339?s=50&d=mm&r=g>; rel="canonical"
content-length: 1128
expires: Thu, 19 May 2022 05:18:11 GMT

GET
H2 200 70.-Sandra-Bullock-and-Louis-Bullock.jpg
www.inswaves.com/wp-content/uploads/2020/09/ 55 KB
55 KB 34ms
33ms Image
image/webp 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inswaves.com/wp-content/uploads/2020/09/70.-Sandra-Bullock-and-Louis-Bullock.jpg
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f17d5ae102c682c56947b621e74afb53fd45cb33b1f665641f548223463fb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
cf-cache-status: HIT
age: 323490
cf-polished: qual=85, origFmt=jpeg, origSize=149302
last-modified: Tue, 01 Jun 2021 08:24:52 GMT
content-disposition: inline; filename="70.webp"
content-length: 56006
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70da57888b2168fe-FRA
expires: Thu, 19 May 2022 09:13:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 109ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7cfa281ad728f79acbc4be5311219f405826148281fa102411a0424e7c1e751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56177
x-xss-protection: 0
server: cafe
etag: 10597610162368966091
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 05:13:11 GMT

GET
H2 200 autoptimize_3d26145c4b68a9f7257163c4a9e7bf94.js Show response
www.inswaves.com/wp-content/cache/autoptimize/js/ 181 KB
52 KB 36ms
35ms Script
application/javascript 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/js/autoptimize_3d26145c4b68a9f7257163c4a9e7bf94.js
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19a6e866c779a788ffc3b4b174a12a4f794a2d0a92500ff3f3ae170944b1407a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 05:09:41 GMT
server: cloudflare
age: 518817
cf-polished: origSize=184952
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 09 May 2023 05:13:11 GMT
cache-control: public, max-age=30672000
cf-ray: 70da57888b2268fe-FRA
cf-bgj: minify

GET
H2 200 /
www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/2/ 0
8 KB 54ms
53ms Other
text/html 2606:4700:4400::ac40:9ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/2/
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-pingback: https://www.inswaves.com/xmlrpc.php
date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 03:33:24 GMT
server: cloudflare
age: 265187
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 70da57888b2368fe-FRA
link: <https://www.inswaves.com/?p=9066>; rel=shortlink
expires: Thu, 19 May 2022 09:13:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
33 KB 43ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR5SQCC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

712d3d8e8b1ee610495128f755d98a82c65f16028153aad43ddae6333a6400fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33001
x-xss-protection: 0
last-modified: Thu, 19 May 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 05:13:11 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 122ms
37ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 05:13:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Thu, 19 May 2022 05:33:11 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.inswaves.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 234958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:57:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146914112-38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3243
date: Thu, 19 May 2022 04:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 19 May 2022 06:19:08 GMT

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 401ms
100ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&bust=05214055024310951
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 05:13:12 GMT
Cache-Control: no-cache
X-TraceId: 6da7b3414b9ee7dc7146bab6ef1f93c1
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 460ms
158ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&bust=020951418546647171
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 05:13:12 GMT
Cache-Control: no-cache
X-TraceId: 7b795a61f8567977b2a407f8d65b7def
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 408ms
105ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&bust=07249407811569628
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 05:13:12 GMT
Cache-Control: no-cache
X-TraceId: bd2bfe2a98da016656bc5f0a23296052
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 414ms
105ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&bust=05422577890097853
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=005f63579d2cfdd6ad1bf04f85b5038d9e&utm_campaign=outbrain-0228&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 05:13:12 GMT
Cache-Control: no-cache
X-TraceId: 44fafd13b6d87a3e7e4982a73ee3af37
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 309 KB
110 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3557543396279280&plah=www.inswaves.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4a27777c15d15512bfb0e097f669817097a30048c04c882e1d2f048e250ca93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112748
x-xss-protection: 0
server: cafe
etag: 9372079105059943437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 05:13:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/ Frame 0DCE 10 KB
5 KB 79ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 20:45:07 GMT
etag: 1428802124239944296
expires: Wed, 01 Jun 2022 20:45:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 78ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1300812008&t=pageview&_s=1&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&dr=http%3A%2F%2Fpaid.outbrain.com%2F&ul=en-us&de=UTF-8&dt=50%20Celebs%20With%20Their%20Parents%20And%20Grandparents%20Who%20Inherited%20More%20Than%20Good%20Looks%20-%20Inswaves&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=38082821&gjid=615208919&cid=1887103150.1652937192&tid=UA-146914112-38&_gid=1238506096.1652937192&_r=1&gtm=2ou5b0&z=1196930852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inswaves.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.inswaves.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 85ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.inswaves.com&callback=_gfp_s_&client=ca-pub-3557543396279280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3557543396279280&plah=www.inswaves.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b4b32169d37559ea3af9479d7e0422a07473d68dcef0305756ab7bed1e54f036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 84ms
32ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 81ms
30ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E96E 82 KB
30 KB 1288ms
1244ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191916&bpp=5&bdt=298&idt=106&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=6271357855242&frm=20&pv=2&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JwrtJ9fWML&p=https%3A//www.inswaves.com&dtd=129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddd25c23d6a912fce6bba25341d90586e12908e029d8745a695ea6239897eb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:13 GMT
expires: Thu, 19 May 2022 05:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4A3 85 KB
31 KB 423ms
402ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191922&bpp=1&bdt=304&idt=142&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXDMJzuxFD&p=https%3A//www.inswaves.com&dtd=146

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0efb43e1d85cc884c9c3dc157e9b6270589e0855b8fe4d7003afc9d322458d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:12 GMT
expires: Thu, 19 May 2022 05:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 85ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-146914112-38&cid=1887103150.1652937192&jid=38082821&gjid=615208919&_gid=1238506096.1652937192&_u=YEBAAUAAAAAAAC~&z=955843388

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inswaves.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 May 2022 05:13:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.inswaves.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F73 84 KB
30 KB 872ms
860ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191923&bpp=1&bdt=305&idt=150&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=O39tUbzvek&p=https%3A//www.inswaves.com&dtd=154

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4a8459ec14502151f5a58cc854c06f14a858c855f3f6b24cc2221436d0e7855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30990
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:12 GMT
expires: Thu, 19 May 2022 05:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5AF 96 KB
33 KB 723ms
722ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&adk=1812271804&adf=3025194257&lmt=1652671981&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191937&bpp=1&bdt=319&idt=145&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=152

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e05fdc0a4f9f0bad01d46a7dd2d1f67607c3a8fc4126ba722e4b8c67af0cc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34020
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:12 GMT
expires: Thu, 19 May 2022 05:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 83ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146914112-38&cid=1887103150.1652937192&jid=38082821&_u=YEBAAUAAAAAAAC~&z=1366527642

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 82ms
32ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146914112-38&cid=1887103150.1652937192&jid=38082821&_u=YEBAAUAAAAAAAC~&z=1366527642

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E4A3 4 KB
617 B 82ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191922&bpp=1&bdt=304&idt=142&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXDMJzuxFD&p=https%3A//www.inswaves.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 04:09:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 05:13:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 05:13:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E4A3 2 KB
984 B 80ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:04:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4A3 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCXOP6NGFYqKcB4rB3gOZ0ZSgDe6Yl5hqqbmNnsMPyJy6wfUKEAEglK6lc2CVgoCAuAegAZfoivgCyAEJqAMByAPLBKoEvgJP0PBBVhgrrTJ7xbsmuqFzumsu94PupVJmdMN64E34ZfedO6d30qBle2lcoc6t85NaGZPgG8SCzv-UrMJg6b60WA6Fh4hNHmxgwgTSVk6no9YB0iBhYn-pGWh0ZA-yGKxoy_nGgwNBojK9yd0Rs-TdGa5TUdo1VeVtAb1Eh18-G-HVbqiYqRwYLEbFu6NWPBG3BTHWN7pglauFbuPmlACRSpM-PPDSiosxHFjCMGidDqypka9FcwRY6Sfuzw3E-wK_D68JFMzne5qtTHAxVjGo3ona6X_3CdtgvwhROc0K52mQ0Jiiap_QdA5X0ATy74VTF-aqh6wFy6bjPhYsedA05vOko-HPBuVGImXly5reQNnKhdQCfp2DgzvmZ4jBx0lJkNUWHTzDeirpzQLvSxG6aWZzJ73KuhgLO2KnL1XABJfp58D4A5IFBAgEGAGSBQQIBRgEoAYugAfRl_WHAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELumGdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=NeNZNpj_nbI&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191922&bpp=1&bdt=304&idt=142&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXDMJzuxFD&p=https%3A//www.inswaves.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 05:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 May 2022 05:13:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame E4A3 21 KB
9 KB 64ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:06:25 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E4A3 3 KB
1 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:57:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4A3 135 KB
42 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 05:13:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E4A3 16 KB
7 KB 63ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:21:37 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame E4A3 30 KB
13 KB 89ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/61998083172839696/ Frame E4A3 8 KB
8 KB 67ms
29ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/61998083172839696/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00030e932c47931821992f46c292005e151fbd35fdb1c26638e0aaa0bb284bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:54:16 GMT
x-content-type-options: nosniff
age: 235136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7739
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 11:54:16 GMT

GET
DATA 200
OK truncated
/ Frame E4A3 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E4A3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 037e7c70090587d863eedc9753fcd6417a89d8892addcf910802dc95be757cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4A3 16 KB
16 KB 64ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:56:04 GMT
x-content-type-options: nosniff
age: 231428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:56:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4A3 15 KB
15 KB 61ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 209117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:07:55 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BE2 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 146 KB
52 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db47886a8b3110e0d7dfa68e5d36d869f05fab08af823b2fbdda18b06471b845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52973
x-xss-protection: 0
server: cafe
etag: 12911200614592757527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 05:13:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 86ms
42ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 05:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 72ms
29ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 05:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/ Frame 8723 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 21:10:10 GMT
etag: 1428802124239944296
expires: Wed, 01 Jun 2022 21:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1F73 4 KB
617 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191923&bpp=1&bdt=305&idt=150&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=O39tUbzvek&p=https%3A//www.inswaves.com&dtd=154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 04:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 05:13:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 05:13:12 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1F73 2 KB
904 B 100ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:04:20 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 1F73 21 KB
8 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:06:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1F73 3 KB
1 KB 92ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:11:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F73 135 KB
41 KB 78ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 05:13:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1F73 16 KB
7 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:12:56 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 1F73 30 KB
12 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F73 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_Xbp6NGFYrOKB5Tl3wPZn6CQAu6Yl5hqqbmNnsMPsKGy74MCEAEglK6lc2CVgoCAuAegAZfoivgCyAEJqAMByAPLBKoEvgJP0BRAjumWbI5fUGWvCPEkgaLJnkSdUik9sNFqztT_QFRuNxXIFInOGf7MT5Gh8VSrb-YVN2_3G7qjXCGzuVlkVmyZzGJ1f7jFmsxj7oT5IiwPwSrZdGwUbN-VcIPYZOK1Kw6ZRyvZb2zX4vCzwuyD29Xqc4QDZRo8z1Qj7GQq9wL_m0WLRIFPX4yhYh2xNcWoayqQ-LkBSFtcFlIdQSVpzoTB9EwQHgSET0vZgQ56x0yAss7j_G_8s8e0HnxezCax694QOleApji9T_oQu5KXXkMnqtPIooJaV3uU4ONDElzkViJmZevUP-m-F7BSNAiMDS49G418xipp9jsLU7E6h1rZ9RFbkjqKNAPoVRaoYqcRmHYolqzncqB7fz9LdKHsV1IbRA3j4EoTzs2IHXLGdoOmPYIlOKBc784IL8jABJfp58D4A5IFBAgEGAGSBQQIBRgEoAYugAfRl_WHAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIO0JdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=eEmKbduHiQ0&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191923&bpp=1&bdt=305&idt=150&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=6271357855242&frm=20&pv=1&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=O39tUbzvek&p=https%3A//www.inswaves.com&dtd=154
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 05:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8723 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Kvi6NGFYrmUB8SBrASFtLywA4nV1PVjre3AjsENvszZrc0vEAEglK6lc2CVgoCAuAegAfSq0_oCyAECqQJOWaxlpMJ6PqgDAcgDyQSqBNQCT9AFJ-M-phgFAchJRs4nUPw7u3favYRXzvHDLH_OqXeCU6a74cGzYPcsWRqEJfGM_o34XiaTue2tCkxyrvwKUoY5aVIgdcqVWqslo5U2d-mBo8-SXVe44im5pliAkaAMyapO6mTnyVxXyj5Hx7Qyy2A-nX34WK-FXuOVIzXIq9OoxdvRDeajC6mLkYaTdjIzVO6jmIMVG9SI9OQXkVJR77mOxNVD_cEypXKXDtOG8yIdQXCXmKiACOsZ5KNFWJfzMrfRJmEE2M1_BUkJdaWpF2YLDL1Ho0Pmv3-juX-PxtmZ9nplNVVRHd_mD4JNgYLZqs475ivHEnwsfUF8l1SoJTB00G0DxGzTXSrR2Y8MyWtUB97QLvC7U04c6SnkmiDEGyYbVy_61AXTAhmzMGZLch9C1T5aYu7qTwgGGRZskFqS4S5Q8AhIWHmUB9xIYllgfUkFTMAErs721bgDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_TUrIUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-5kc0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTM1NTc1NDMzOTYyNzkyODAYAA&sigh=dYHA2EDkys8&uach_m=[UACH]

Requested by

Host: paid.outbrain.com
URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zhf1n0ot8Wec56ssiRYiGBE7QaSc9QBay0gWGACoy7OdU9pgNhOf6_dBoIJzEgPpqL-eFalQgvcAJ2uSkTHNvMBjqOEqdaAwKx9y1fY5-ZdDeSCYgqqCXtZKhTrp9gX6Wqy_pidFdkMqPOdPO2dXHxKyw0ULvA3nKAlK5Qp0JIdD7qolTZPjUCeVGx_2Ym-eYY6lOHjS-H3IToIEtiKU6IU&c=5937dc84&v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 05:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 8723 21 KB
8 KB 51ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:06:25 GMT

GET
H3 200 3230225587345046478
tpc.googlesyndication.com/simgad/ Frame 8723 34 KB
35 KB 73ms
45ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3230225587345046478?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk0xT355HNSYP7-ocLNA0e39nbkWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dce040013c69ce1b7899380b6066e1fbc623d9413dad24898957ff1ed5ca4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 05:09:26 GMT
x-content-type-options: nosniff
age: 345827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35315
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:51:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 May 2023 05:09:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8723 3 KB
1 KB 82ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:11:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8723 135 KB
41 KB 74ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 05:13:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8723 16 KB
7 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:12:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8723 31 KB
13 KB 82ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e1c110d4d6714cab5b99927665b47805ff459aa2f91fd7987a5440065e96ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12930
x-xss-protection: 0
server: cafe
etag: 3626088352222147917
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 18:24:51 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/61998083172839696/ Frame 1F73 8 KB
8 KB 66ms
42ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/61998083172839696/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00030e932c47931821992f46c292005e151fbd35fdb1c26638e0aaa0bb284bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:54:16 GMT
x-content-type-options: nosniff
age: 235137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7739
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 11:54:16 GMT

GET
DATA 200
OK truncated
/ Frame 1F73 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 773E 143 B
163 B 21ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 05:09:34 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1C9F 247 B
961 B 153ms
49ms Document
text/html 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

e6ebd6622ab427f9549d588f7ecaec60422e377a4e1cf7621d342b82ae9f952f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-QwffaeTa226Qjw9zn-yUXQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F73 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa53e57d494004f39c8348920379a179a4dd435a10f181bf36d367be575ba3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8723 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6ff3dd5bfe04f784c42ab4a8c050436bb60bab01a58d4a488d934db8ba10305

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F73 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:56:04 GMT
x-content-type-options: nosniff
age: 231429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:56:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F73 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 209118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:07:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 773E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

80ms
76ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 05:13:13 GMT
expires: Thu, 19 May 2022 05:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 05:13:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame B1B2 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
H3 200 iframe.html Show response
p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1C9F 4 KB
2 KB 123ms
48ms Document
text/html 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4d2ea461c81b3880bac999670d3bac813c650235e81498edf10f9d8679b6be7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1860
content-security-policy-report-only: script-src 'nonce-hkr1yeMatLR1zMAhk3l1bA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E96E 6 KB
670 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191916&bpp=5&bdt=298&idt=106&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=6271357855242&frm=20&pv=2&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JwrtJ9fWML&p=https%3A//www.inswaves.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 03:22:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 05:13:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 05:13:13 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E96E 2 KB
904 B 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:04:20 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame E96E 21 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:06:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E96E 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:11:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E96E 135 KB
41 KB 170ms
170ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 05:13:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame E96E 16 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:12:56 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame E96E 30 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E96E 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP85S6NGFYqSAB_eQjuwPn_CpgALumJeYaqm5jZ7DD6qK1pSHFxABIJSupXNglYKAgLgHoAGX6Ir4AsgBCagDAcgDywSqBLsCT9AbvU75pFWulXiMdP6JCyhaSUg4-CJDlL_f8lWkP_xrXgxLTHeaWqxfZrxZP1GaX154x0dRI5l77twexxhdF6v-nmpftvohXXJ_Nrl4BnKz85cVZy4Yp5q0Gtjm1v84pB8BWWtr1EP8VRV5KZrumTE4mAR_pwD-F5UMvD8aOlhmrhGNlg-kVwRZMzdbkIBqj_W--kBmUtXhlLuKw3swPJzQNj5n0YwVnztPfMwjAMz946oLTQy-WKhypRYGfaDFuBbWIl08PP7DUqmQnaNqBKvnkpE-2dwVkzgXJFr5k_CMKEoIQ0DlUOdYm32znaNkmwISB_Qi-c93NjfXhi1QOYbR54wiVNAcfNFOG_QXdTPZZqi6C1L7kNY6wFrjnrZCZnand9LjuOQjHaP4k5Fhx2KP91-1TqYpFo6cwASX6efA-AOSBQQIBBgBkgUECAUYBKAGLoAH0Zf1hwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCeliPSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=CVM50ISkTZw&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652671981&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D005f63579d2cfdd6ad1bf04f85b5038d9e%26utm_campaign%3Doutbrain-0228%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652937191916&bpp=5&bdt=298&idt=106&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=6271357855242&frm=20&pv=2&ga_vid=1887103150.1652937192&ga_sid=1652937192&ga_hid=1300812008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44761044%2C31067629%2C21066431%2C31064018&oid=2&pvsid=1304132314187208&pem=800&tmod=427834550&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JwrtJ9fWML&p=https%3A//www.inswaves.com&dtd=129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 05:13:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/61998083172839696/ Frame E96E 8 KB
8 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/61998083172839696/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00030e932c47931821992f46c292005e151fbd35fdb1c26638e0aaa0bb284bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:54:16 GMT
x-content-type-options: nosniff
age: 235137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7739
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 11:54:16 GMT

GET
DATA 200
OK truncated
/ Frame E96E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E4A3 42 B
64 B 98ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwLCVnw4VnJ_v5NUzYpAlg1GubN4F_Y87olZKAMbu-i4XAWK-ORHij99myt14YbcL9Z2qUnsh6s7DCSrqpuHJCA2EFVaZoJ35zmHt8-cPyI-kHDYRPMb3WxR2K&sai=AMfl-YQVdtg7jbua_j6lq7j6yYpL028iini9NIujUp39tYbaCaHGA-703k2tuH0xewuKSbaSHP_qbkRXx49C&sig=Cg0ArKJSzIRMkY76nkg-EAE&id=lidar2&mcvt=1000&p=0,0,280,349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1836215406&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652937192069&rpt=687&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame D856 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
DATA 200
OK truncated
/ Frame E96E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d879cf896220009f023cec91d3deecc38f63308d3d614ed9277fc2f7810c9df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E96E 15 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 233033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E96E 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 218008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:39:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 40ms
39ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220516&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed2b2019ddff18f11533ab960f7445f501640acc78cfe58833bc2ba7a5967b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 05:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10692
x-xss-protection: 0

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6413 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 05:13:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01CA 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 17:13:58 GMT
expires: Thu, 18 May 2023 17:13:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F76D 783 B
534 B 29ms
29ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d78f7a518b734d5296c2b71bc36ff8c3d5f978a98128d82afae218dcde5d658f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y0NxtEQIIUT1VmClzS_p2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Y0NxtEQIIUT1VmClzS_p2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 05:13:14 GMT
expires: Thu, 19 May 2022 05:13:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 01CA 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F76D 0
0 75ms
74ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220516&jk=1304132314187208&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F73 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdqI72DEXg06--nTiSZu5ntGur40E7ZowMtY03NQqcEGdw8f6nhYSexfVk108r_Fq1ju_JSFJfufZ4tXCLrBEGZnOCGR63lVowXUi2vkBl0Ta3KD89hS5mNq5h&sai=AMfl-YSTRi4MgV5gkKqdhDQWLJpRDc7Vqs9sibEvmgxcisq9jseBzl7ofT44z6NcWC8SDKINm47NYV6UNq_1&sig=Cg0ArKJSzIOq4-AbtNGgEAE&id=lidar2&mcvt=1015&p=0,0,280,349&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1710634035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652937192078&rpt=1127&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 01CA 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nJSBQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 05:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8723 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqcafxMdqRhubI1NNxBWiN2CeDhxcINmIP8BtCfVrb7sPJobDUETnN7w7m-xVBhDYUwhjWc3LX7fujsw7A4aIEysz4vpN0fqGiKcAA_UVl0y2_G1hcpkAz4FNv&sai=AMfl-YTyhK1uUptuF4xLZ5BxakbQpBKp-xTjvq4MITzuoXdAPtUGetw19hKjKbZluK9cvmgHq5Hvsz18EwCQ&sig=Cg0ArKJSzJnDA-JjfN3REAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,767,1000,1115,1190&tos=83,684,233,115,75&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652937192943&rpt=190&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 05:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220516&jk=1304132314187208&bg=!9_Sl9LDNAAZL3OSAa9w7ACkAdvg8Wi9B2HnkNBjsinxjFVmEeeEQJSvCndgzdVTHt_DLMLIBwmYnWQIAAABbUgAAAAZoAQeZAqG7e8e53pUQ_2y7jnWZMNs5afMPoyovUbI-s123_haQNy4lQ2BMKnTUtJWtUl6y78klFNrT8nM3rw3pL4Y8bDr37aG29Eff88q8bMotifzrdhS6obzUjOl9tzBgddLAhwTBPBY26zeqCgxLRn7hfVhVcH0OrguiAaAEntXEiiTtCowt6KS79-k4VnwyDImhDJBYmq8jDj57nmK-IorcaL6fXg-KvuUbXJ2U7M7LiAJ47I74k7GQBD647vzUiZdzJA7aulfUDaimRwpT2wsLMsP4nl8IVfoMGxfbwZWtmH_dO1a_udrdyl9mX1Huw1398V_lI_SMAW_p_83e9dd3urk8zpZR_vosZneo4J1xXQsyoLc098noDrXvSqjEnEkNEkBE83l1GjEPJE3GtpDAwMafWXfhKOTcAYHr5Y0zE5bBSM-EK7znNMpe8mDDQpCTtLftWdP5ssMRL0Fe_TyDUVU6gU3Nha67NaSqr_hb3BbQbkILXmx0O19kfc6m-uwVfVS9kMUNCLM0l5lPEWKUm8mg0KfWDGh1-PJKHllMERAv-ldjOEQ7Ac6OYajikTI4thGt5HqhGjrgFBytd0cozIYS6eRoztIrxxv1WIjD6QrTZ1lado0EzJDXuLFKBCd6YQ4Hjq2QZDLtXQ0IPVBPPn6TacLF2q7PQdm-ta1KtTVwHe9v6XN-_MSf7y6wTa53qmKIoGsLiS2Y6UddeADaXS93rEjQQnLg11xDkkYoggRWy9HJKv4nnVwRWsJNeL4NvFaD9WgShwFVkLC0A3XEA-1uue9nVY1l6Ret_GcAzx1nngJjVHF_T781o6RHeHCwKr_HZ1EQbAyETt9Gd3V_VYzxBcqV1HWaSeL9Ug3fn0TugIilCNhjzSdArr-rd_YWCCzV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.inswaves.com/	1970-01-20 03:10:23	Name: outbrain_click_id Value: v1-925ea047328325ef32dd971e86a77b7d-00efc3f0f3435b16a9b911f5bbcb6e3745-ha4wkmzxgiydiljrge3weljumeydsljymjtgiljzmq3dcmdege2dqyrwmi
.inswaves.com/	1970-01-20 20:40:09	Name: _ga Value: GA1.2.1887103150.1652937192
.inswaves.com/	1970-01-20 03:10:23	Name: _gid Value: GA1.2.1238506096.1652937192
.inswaves.com/	1970-01-20 03:08:57	Name: _gat_gtag_UA_146914112_38 Value: 1
.inswaves.com/	1970-01-20 12:30:33	Name: __gads Value: ID=e0a885764b6eb377-22fc852c97cd0088:T=1652937192:RT=1652937192:S=ALNI_MYoDw65t8CnPZQgs70WRhA5qis6yQ
.doubleclick.net/	1970-01-20 12:30:33	Name: IDE Value: AHWqTUn_mh2osGFtNpLInW4CwF4RWi5coN88TRRcwmg3Ggei_D7c36v6zOzPNSb0dzU
.doubleclick.net/	1970-01-20 03:09:00	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p4-chj6iyavdv326-fen6slr75pt5ifj7-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
paid.outbrain.com
partner.googleadservices.com
secure.gravatar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instarwaves.com
www.inswaves.com
104.102.29.173
142.250.184.226
142.250.185.163
151.101.114.132
2606:4700:4400::6812:21e4
2606:4700:4400::ac40:9ae5
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9a
2a04:fa87:fffe::c000:4902
70.42.32.127
00030e932c47931821992f46c292005e151fbd35fdb1c26638e0aaa0bb284bf4
0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671
037e7c70090587d863eedc9753fcd6417a89d8892addcf910802dc95be757cb9
0d879cf896220009f023cec91d3deecc38f63308d3d614ed9277fc2f7810c9df
125a8dc10ab58283f31910ebd4ab77b0d95b2e4ea865a72161c06bc3176eb654
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a6e866c779a788ffc3b4b174a12a4f794a2d0a92500ff3f3ae170944b1407a
2e24a41622f839d43be586061da2971abaecfee51e324dc16573363dce6ab1ef
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4d2ea461c81b3880bac999670d3bac813c650235e81498edf10f9d8679b6be7f
4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc
512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
6dce040013c69ce1b7899380b6066e1fbc623d9413dad24898957ff1ed5ca4d8
6e05fdc0a4f9f0bad01d46a7dd2d1f67607c3a8fc4126ba722e4b8c67af0cc7c
6f17d5ae102c682c56947b621e74afb53fd45cb33b1f665641f548223463fb86
712d3d8e8b1ee610495128f755d98a82c65f16028153aad43ddae6333a6400fc
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7ed2b2019ddff18f11533ab960f7445f501640acc78cfe58833bc2ba7a5967b2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa53e57d494004f39c8348920379a179a4dd435a10f181bf36d367be575ba3c8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2a85dbed68a62645178a6bcffd5c9e01b293d29f90b2bd8245605f3bb7ab41a
b4b32169d37559ea3af9479d7e0422a07473d68dcef0305756ab7bed1e54f036
d4a27777c15d15512bfb0e097f669817097a30048c04c882e1d2f048e250ca93
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d78f7a518b734d5296c2b71bc36ff8c3d5f978a98128d82afae218dcde5d658f
d7eec556c74dcaa309bb1a3a3e89a6da161c6760eff98fcc90984ba16a6b4900
db47886a8b3110e0d7dfa68e5d36d869f05fab08af823b2fbdda18b06471b845
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
ddd25c23d6a912fce6bba25341d90586e12908e029d8745a695ea6239897eb3a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0efb43e1d85cc884c9c3dc157e9b6270589e0855b8fe4d7003afc9d322458d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a8459ec14502151f5a58cc854c06f14a858c855f3f6b24cc2221436d0e7855
e6ebd6622ab427f9549d588f7ecaec60422e377a4e1cf7621d342b82ae9f952f
e7cfa281ad728f79acbc4be5311219f405826148281fa102411a0424e7c1e751
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ff3dd5bfe04f784c42ab4a8c050436bb60bab01a58d4a488d934db8ba10305
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9e1c110d4d6714cab5b99927665b47805ff459aa2f91fd7987a5440065e96ff

www.inswaves.com Open in urlscan Pro 2606:4700:4400::ac40:9ae5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

78 %IPv6

14 Domains

23 Subdomains

23 IPs

5 Countries

1231 kBTransfer

3096 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.inswaves.com Open in urlscan Pro
2606:4700:4400::ac40:9ae5 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

78 %
IPv6

14
Domains

23
Subdomains

23
IPs

5
Countries

1231 kB
Transfer

3096 kB
Size

7
Cookies

99 HTTP transactions
7 data transactions