urlscan.io logo urlscan.io
SecurityTrails logo

playswellwithbutter.com Open in urlscan Pro
172.67.73.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://playswellwithbutter.com/
Effective URL: https://playswellwithbutter.com/
Submission Tags: tranco_l324
Submission: On March 26 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 13 domains to perform 68 HTTP transactions. The main IP is 172.67.73.202, located in United States and belongs to CLOUDFLARENET, US. The main domain is playswellwithbutter.com. The Cisco Umbrella rank of the primary domain is 971586.
TLS certificate: Issued by GTS CA 1P5 on February 5th 2024. Valid for: 3 months.
This is the only time playswellwithbutter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 172.67.73.202 13335 (CLOUDFLAR...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
7 13.32.99.91 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.27 16509 (AMAZON-02)
3 108.138.6.136 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:275... 16509 (AMAZON-02)
2 13.32.99.122 16509 (AMAZON-02)
1 18.172.112.22 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 3.160.150.11 16509 (AMAZON-02)
1 18.245.31.65 16509 (AMAZON-02)
2 35.166.211.95 16509 (AMAZON-02)
2 13.33.221.174 16509 (AMAZON-02)
1 13.32.27.70 16509 (AMAZON-02)
68 24
25    172.67.73.202 (United States)

ASN13335 (CLOUDFLARENET, US)
playswellwithbutter.com
2    2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
7    13.32.99.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-91.fra60.r.cloudfront.net
ads.adthrive.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2606:4700:10::6816:2e76 (United States)

ASN13335 (CLOUDFLARENET, US)
app.slickstream.com
2    2606:4700:10::ac43:1e71 (United States)

ASN13335 (CLOUDFLARENET, US)
c05f.app.slickstream.com
c.slickstream.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.32.99.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-27.fra60.r.cloudfront.net
ads.adthrive.com
3    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    2600:9000:2491:7e00:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:275b:3600:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
2    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
1    18.172.112.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-22.fra60.r.cloudfront.net
cmp-consent-tool.privacymanager.io
1    2600:9000:225e:4400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    3.160.150.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-11.fra60.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
2    35.166.211.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-211-95.us-west-2.compute.amazonaws.com
pb-ing.ccgateway.net
2    13.33.221.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-221-174.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net
launchpad.privacymanager.io
Apex Domain
Subdomains		 Transfer
25 playswellwithbutter.com
playswellwithbutter.com — Cisco Umbrella Rank: 971586
1 MB
9 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 20961
gdpr.privacymanager.io — Cisco Umbrella Rank: 34290
geo.privacymanager.io — Cisco Umbrella Rank: 2588
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 50005
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3765
launchpad.privacymanager.io — Cisco Umbrella Rank: 3177
248 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 7170
388 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 886
aax.amazon-adsystem.com — Cisco Umbrella Rank: 460
79 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 203
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
167 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1803
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
3 slickstream.com
app.slickstream.com — Cisco Umbrella Rank: 11149
c05f.app.slickstream.com — Cisco Umbrella Rank: 77118
c.slickstream.com — Cisco Umbrella Rank: 17130
8 KB
2 ccgateway.net
pb-ing.ccgateway.net — Cisco Umbrella Rank: 13903
375 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2229
148 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3673
pixel.wp.com — Cisco Umbrella Rank: 3422
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 108
162 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1746
156 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3387
20 KB
68 13
Domain Requested by
25 playswellwithbutter.com playswellwithbutter.com
8 ads.adthrive.com playswellwithbutter.com
ads.adthrive.com
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 pb-ing.ccgateway.net ads.adthrive.com
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 geo.privacymanager.io gdpr.privacymanager.io
2 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com playswellwithbutter.com
www.googletagmanager.com
2 use.fontawesome.com playswellwithbutter.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 cdn.jwplayer.com ads.adthrive.com
1 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 c.slickstream.com playswellwithbutter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com playswellwithbutter.com
1 c05f.app.slickstream.com playswellwithbutter.com
1 app.slickstream.com 1 redirects
1 stats.wp.com playswellwithbutter.com
68 25

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.pinterest.com
www.bloglovin.com
wellersmithdesign.com
Subject Issuer Validity Valid
playswellwithbutter.com
GTS CA 1P5		 2024-02-05 -
2024-05-05		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.adthrive.com
Amazon RSA 2048 M01		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
slickstream.com
Cloudflare Inc ECC CA-3		 2023-06-03 -
2024-06-02		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-03-16 -
2024-06-14		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
ccgateway.net
R3		 2024-02-17 -
2024-05-17		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-19 -
2024-12-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://playswellwithbutter.com/
Frame ID: 6F348673024F295E9804EFC56AEA95E7
Requests: 69 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/e1de60f/html/i.html
Frame ID: 6E46E6EE58291C531DF40D0BB3E15D04
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: F69E9D10AAF67A0393AD209FD1AC7B1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Plays Well With Butter | Unfussy & Flavor-Filled Recipes

Page URL History Show full URLs

  1. http://playswellwithbutter.com/ HTTP 307
    https://playswellwithbutter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

46 %
IPv6

13
Domains

25
Subdomains

24
IPs

3
Countries

2744 kB
Transfer

6702 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://playswellwithbutter.com/ HTTP 307
    https://playswellwithbutter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F HTTP 302
  • https://c05f.app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
playswellwithbutter.com/
Redirect Chain
  • http://playswellwithbutter.com/
  • https://playswellwithbutter.com/
284 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdfc454832665c924aed9a8a569e7e36b2d4180c9e4073d146916523bfbc3ca
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
86a66a1adb1335f3-FRA
content-encoding
br
content-security-policy
block-all-mixed-content
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin
date
Tue, 26 Mar 2024 10:21:33 GMT
expires
Tue, 26 Mar 2024 10:21:33 GMT
last-modified
Mon, 25 Mar 2024 21:47:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tS4yHPVkDscstL%2Bf6lbfyN4xLXZP7kSvTfmMcraH6s0eKQySuPDnonzlKFnHFplH%2Bm1bYeSl%2BqoiBlgV3j3q8y1%2BeMTfZVUOrZkJ2LiQjfO%2FlEtrM4heFFlFJFnSZoZni3W2qBdSIk4Y"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

Location
https://playswellwithbutter.com/
Non-Authoritative-Reason
HttpsUpgrades
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
Origin
https://playswellwithbutter.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
317122
alt-svc
h3=":443"; ma=86400
content-length
78460
last-modified
Fri, 22 Sep 2023 01:45:20 GMT
server
cloudflare
etag
"f075c50f89795e4cdb4d45b51f1a6800"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qATyXlOxZiVZ4WA5IMO083sFYEwUAemT4RSBOFRrxl6yDG%2F3nxa2KRulsxvuCnMfvcgTIKYl4FLwzZkQ6YtXi389jHxrRP8A%2BgBlwzMRFQfi91iypApFZaS2PqKlD7tNFGpVGnyVnmS4pFjgAv9O2Lm4"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
86a66a1de90191ef-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
Origin
https://playswellwithbutter.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6870
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Fri, 22 Sep 2023 01:45:20 GMT
server
cloudflare
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dNUTLYfiCrEqUKjRmD%2FTNN4HtPyTRhuXUjiUlE2Hz%2BzS%2FYA77qQXOj6meN6%2BIkxRonH%2Fss%2FB3Dn1%2BSb0slM3FuUpUAL5twcNyUwtF4JD3hk9wReiW5cIIDc8PhNlHCnPHLWS0A7VHcEWvSrbojq4mHK"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
86a66a1de90791ef-FRA
ads.min.js
ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ 		93 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ads.min.js?referrer=https%3A%2F%2Fplayswellwithbutter.com%2F&cb=22
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
9ae1965a322f978eab718b987cc240c6e00e0550bc377e72995bba9a270925ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

adthrive-bucket
flex-01
date
Tue, 26 Mar 2024 10:21:33 GMT
content-encoding
br
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
adthrive-deployment
2024-03-25-1:e1de60f:con
x-amz-cf-pop
FRA60-P3
adthrive-commit
e1de60f
x-cache
Miss from cloudfront
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
nuXYExwC-TXMSe4du3Oe4w4_pLpxxjzaV6vqm9lPWhFmJ5OHCLIB-A==
expires
0
jquery.js
playswellwithbutter.com/wp-includes/js/jquery/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playswellwithbutter.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60701
cf-polished
origSize=285334
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 16 Jan 2024 19:21:32 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RV3T9RZhsIeEyBAE5cGGv92yMLS%2FVrO9ArYqR7fNxokdxagvCNCvNRfQfHDlLUNb1OOq5XUE93nChPoPpcQedsqFEz6%2BEqo%2FLAbeDLfNy64i0Wy1o9cdp2HLDyh%2B%2BEsAP6WSrZ9mk2qv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
86a66a1e5e3e35f3-FRA
expires
Mon, 01 Apr 2024 17:29:52 GMT
webfontloader.min.js
playswellwithbutter.com/wp-content/cache/min/1/npm/webfontloader@1.6.28/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playswellwithbutter.com/wp-content/cache/min/1/npm/webfontloader@1.6.28/webfontloader.min.js?ver=1710481797
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d30ca747551c60531d0c6998e6e820974c9d18d29391e4c0e6f841f9edad4cd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48585
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2024 05:49:57 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsfrXfKwC2hlEo8cCWpawWsKgSdyo4mzOA3HWeQziNV%2FOi1CLM3x6yL3AWdskWlpi2xWxIfSjxM%2B%2FquP3wjxnpr0uI0r9GOKi%2FyjzXYXSiy%2BeKzSP9USP896hphrKziBFUOXjxe10tdG"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
86a66a1e5e4135f3-FRA
expires
Tue, 25 Mar 2025 20:51:48 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C34G3Y5THS
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12cbee4ee48d33f3a384faa8fca7f0b57acb8f17069fcafaff397fccce63827f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96545
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 26 Mar 2024 10:21:33 GMT
plays-well-with-butter-logo.png
playswellwithbutter.com/wp-content/uploads/2019/11/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2019/11/plays-well-with-butter-logo.png
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c3a9ed7809edccfd1c92450c05f816b134bb6bf71e54c9fdac6556c0d553e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35586
cf-polished
origFmt=png, origSize=22595
content-disposition
inline; filename="plays-well-with-butter-logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
20730
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Aug 2020 12:27:40 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQ%2BJAlIL%2FeTMto06n4r%2FNjDDiAuo4dt45W3QS8pxQ5SnS9R1qp1iEYqH2y09iZ0w203r3SejCUEQ43tSr0YP4tNBIK3TW9KTd19O2SL8donMArwjXNgcrACAF5FSsS683w2LIVat0HAx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1e6e4935f3-FRA
expires
Tue, 02 Apr 2024 00:28:27 GMT
Shaved-Kale-Brussels-Sprouts-Salad-with-Walnuts-Parmesan-and-Cranberries-15-600x740.jpg
playswellwithbutter.com/wp-content/uploads/2023/11/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2023/11/Shaved-Kale-Brussels-Sprouts-Salad-with-Walnuts-Parmesan-and-Cranberries-15-600x740.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6765ae440ad5262b08dec4405f38eaf1c15c6e31c2f01f1d6d2d89c8f0386c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
159358
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 00:05:59 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5BwTBzTyHeu1fj4e%2BAnXVEClpAGzfwpW5KvHHKPKjXQPXpBNBpXaI5QvWB2%2BZy%2FuO6eicWyuc%2BdoVVDQ1J0Kji%2B%2FPxoqdzNqXB5ITL3nitMgETmld44PS%2Fl2FzVH9fV4w2CIh8Oqc6a"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1e6e4a35f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Whole-Grain-Mustard-Vinaigrette-8-600x740.jpg
playswellwithbutter.com/wp-content/uploads/2023/11/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2023/11/Whole-Grain-Mustard-Vinaigrette-8-600x740.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82eae0d144c09790c702c0a6cc2914ba9414c0b7cb0e872423d61f246251858e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
113636
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 00:10:07 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bsope5ubCDO6RQDhhNHaRCWvkuchr6Ps7Ef4nIcWxGUUHePcyHyIpghtbdm72emmr6CEYOprc51g4xlhvAhm9SMEG0BlOfE83lnjhVNXqmTsC35Q5N3UXiGgLmmVYUo0SJ5rNX2RMgE0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1e6e4c35f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
How-to-Massage-Kale-6-600x740.jpg
playswellwithbutter.com/wp-content/uploads/2023/10/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2023/10/How-to-Massage-Kale-6-600x740.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b560f31ad47e6b88ecd1a1b0b6841ce595cff73988cea8c20ee1a6d99f5c2ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
159024
x-xss-protection
1; mode=block
last-modified
Wed, 18 Oct 2023 22:37:29 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkC%2FcNCgovS8ZosYbqE%2BG%2FW8Y8FE0QZFK2C6deOtKeCXS5ALprh%2FmL%2BsAgb9yiijiA2YVZL%2FyBuHzPRCuwgepVsPC31xoKuVqJChUENB5Ebia3xTzba4c42%2BBqcuIWGe%2Bt%2FsSCe1OUH%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1eae8935f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Easy-Butternut-Squash-Mac-and-Cheese-15-600x740.jpg
playswellwithbutter.com/wp-content/uploads/2024/02/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2024/02/Easy-Butternut-Squash-Mac-and-Cheese-15-600x740.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a807ac96cbf22bba00e127ce9268c82a43f2840908e40acbae1d708a6a0d193e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
128934
x-xss-protection
1; mode=block
last-modified
Fri, 02 Feb 2024 17:15:20 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vf4MMQNMBnUI8MciK9nMeA6CZlC9KDvlv5lsKK8eCjE5eKVxiu7lBRCm9vnhQQlAevrolV6LVWKPNsBwHPQFelR6YlBxYXWG1EQE%2B6xJ2bprUFIYnl5QFzq1kREs%2FY1bPN2CELfV0sy6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1eae8d35f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Crispy-Black-Bean-Tacos-2-5-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2023/02/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2023/02/Crispy-Black-Bean-Tacos-2-5-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9105194c62741a98f4e37ce4229c6ae9e7002ef5cc23fd20ee1ec4646c703477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
85777
x-xss-protection
1; mode=block
last-modified
Mon, 27 Feb 2023 22:07:33 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jx0aPgUJbki946jK3siKGPBUsDr0t%2BvQz5x7d6Wz%2Fz2wYKjLJ2EfJPlkKwA%2FpR9il9N04RaIu9jxtGjWPZvYt%2FuZMa22Gt4EKSwwQ%2FJ9MRsEdhNJ%2F2zOKLy5OaHglXgSbA5O1IVWQ34z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1eae8e35f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Shoyu-Chicken-9-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2021/04/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2021/04/Shoyu-Chicken-9-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29afc63af789eca743cad003039be307ef7f46a7f5d2f48b041ef6bdd4caef58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
50117
x-xss-protection
1; mode=block
last-modified
Wed, 07 Apr 2021 18:59:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQ9XOpwEsWo584TtPSLSm8YiCbkTgV%2BVI%2FnA794cboNZlWzM6mPXZicpT%2BhqKPSMliAiNNYxokETD7Vmd7XKpIzWtQryU%2ByBnQXnZjoIe8owRAX4DdkPGR6D87rQyLKYIiD4WDQrbhX7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1eae9035f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Springtime-Mascarpone-Pasta-with-Chicken-and-Asparagus-10-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2021/04/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2021/04/Springtime-Mascarpone-Pasta-with-Chicken-and-Asparagus-10-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ffdeee29268883e01b91941b34c41a137f881e757b0da631f84e4e3a64af0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10098
cf-polished
degrade=85, origSize=45592, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
40826
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Apr 2021 18:56:50 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaFb69FugsK3aXMV7WlXY%2BT28UsAt%2BT6%2BYjXdXt31ju7WSd%2BsrROnUT7KytX20JYrmWyj4CS%2BaCSD5PSNzXZ3b%2Fft8fiiEHbFnMbZsvbQZ5cnrBPLAvTEZwjakGKY%2BsWP%2BI4A8PUYaFp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1eae9235f3-FRA
expires
Tue, 02 Apr 2024 07:33:14 GMT
Best-Ever-Bolognese-Sauce-16-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2020/02/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2020/02/Best-Ever-Bolognese-Sauce-16-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431c75ec28f0c98876a32b9aec29dca52acf81603b9ff2dc32e9b53323a886c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56675
cf-polished
degrade=85, origSize=48239, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
42931
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Sep 2020 22:39:25 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1hcKeLofba9ztBerYYRcX5uZY7kdsWpvtvMN04cOF9Fkidwl%2BkNGlyRc8WCZqQVvUpFa018%2FbaiUzQLivW2Tlt%2Fr0DqFy0Ferk8G44AL6L7ZGkrTfXWg6Ulz74DNXodCbe0k%2FGRQ8r3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebe9835f3-FRA
expires
Mon, 01 Apr 2024 18:36:58 GMT
THE-ULTIMATE-MINESTRONE-Finals-8-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2018/12/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2018/12/THE-ULTIMATE-MINESTRONE-Finals-8-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4b9eb37c1ff54e1c9b5563190187d734240b6cde864e485a1ef7b4fd01bf73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56675
cf-polished
degrade=85, origSize=40637, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
36781
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Sep 2020 22:32:46 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pt7kGJT04uRrxkhyOxAJpol1Nu6vhEnBgZA8%2FZoi%2FeIBW3wsLgv%2BEEh1nQMFX1GooWER6KF6ZGYYVj1Ngv1ON1RjhszkbmPBgLSgw4V1BZmMokNvqUtcm%2FMzGFM5O01mPBj9KHS36pFP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebe9a35f3-FRA
expires
Mon, 01 Apr 2024 18:36:58 GMT
Hummus-Bowls-15-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2021/03/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2021/03/Hummus-Bowls-15-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b3a0e5c9c2623a4bb9e370f1a26396836c2a405c91bebead2d131f8c9b0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48241
x-xss-protection
1; mode=block
last-modified
Wed, 24 Mar 2021 18:42:31 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eo57DudkC%2Bu9CeR36z%2FoznhX7e%2F9HFDH1g6llCShIN%2Bz9lXU2eonovL%2BQjQGpggqNCh693Cszwameq2ZdsaMzYBI4uGhq8PLepXjCR98N3p50CWGGrRBxU%2FlihFk%2B9oOP5dreayTQzFE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebe9c35f3-FRA
expires
Tue, 02 Apr 2024 10:21:34 GMT
Lemony-Basil-Creamy-Vegan-Pasta-4-380x380.jpg
playswellwithbutter.com/wp-content/uploads/2019/03/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2019/03/Lemony-Basil-Creamy-Vegan-Pasta-4-380x380.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2b132b88f13321aeaff493671e1efbeceaf5fbb86dd8ef8364388002f0b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35584
cf-polished
degrade=85, origSize=59198, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
51696
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Sep 2020 22:33:36 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjQyr9n1IuamL30fgXnKhjX4BUzFuG9Y0yuPh3wdf0T8kiwrboCHRI%2FzrN4rhDk6HSCFhE2QXzo9aFPKOMBkLycZIxO8gWHcaT6y7m09K2cALxvK5uSc%2FGI2%2F01Kq7PyG6pf7vFQh0GM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebe9d35f3-FRA
expires
Tue, 02 Apr 2024 00:28:28 GMT
roasted-sweet-potato-cauliflower-tacos-10-595x893.jpg
playswellwithbutter.com/wp-content/uploads/2019/03/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2019/03/roasted-sweet-potato-cauliflower-tacos-10-595x893.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4cf7b1e4fe7fa81d8d2766160c335d57cd22ba10ccd18eb34f41c097b8d8bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56594
cf-polished
degrade=85, origSize=148063, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
144762
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Aug 2020 16:56:27 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mIdzxnMco2MLa0bxoVtqjIzh3mdBQNnNx%2Ft0oLULsIWGzlG6ez4y%2F9IdVTTOrEkGDu%2BwvVkjvKk8XlBjfVIzwmn08ZIuWYNAJiv8HWECIyKsANOtBTVIQjVrFQRaKz4hmTsUOmUJ34g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebe9e35f3-FRA
expires
Mon, 01 Apr 2024 18:38:18 GMT
e-202413.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202413.js
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Tue, 26 Mar 2024 10:21:33 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356565.5398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 23 Mar 2025 22:44:54 GMT
lazyload.js
playswellwithbutter.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playswellwithbutter.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.js
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e69e1a851c7895e6bf6184fe3cc9c51a9f245d0fe1a9d9c48152d013ddc3d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35586
cf-polished
origSize=26971
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 16 Feb 2024 05:52:31 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uE25iVFIGzl2K6Wp3CqBvTE3IucnH1D2YOD%2BpXTgPaTrqZpyfwm0vDEHVtWuUb9xQN7cTqIeWYQxcpYK0635XKh1PQ7j4TeZrMslkjZOjDXqu7if8Jytl0IOq8BDb7KlujcGXOrjW8AP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
86a66a1ebe9f35f3-FRA
expires
Wed, 26 Mar 2025 00:28:27 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32ca40ac7bffc14e3cd37d785d5f86a548609995a8b8375bfb5d9e21f55bc97b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f441afa90396b18f29fdaf4b2d83ffeffbd53eff17982ebfe0a1e316f55c39ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b3a91a4801dab805c93141a2fcfbc603314d5d057a6e4cbc2a99fda1ed953fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
pwb-blank-flag.png
playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/pwb-blank-flag.png
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f525ae80dcd02cf18ec8ebfb70c0f08a2b6121c28c722f1823447b8be6f263
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3963
x-xss-protection
1; mode=block
last-modified
Tue, 02 Nov 2021 14:51:27 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FC50O%2BIxNVTVVjwoTofN59wevvLXii2yifytdbvrXrDAsUhHNMZzQGNUqi2mkmd17x5yZCGiX09aEZwwB3IeTPy707v76FtK7bwz3pn6cdBXILGV6PzRPXlN5nX1W8BYEXWSm0DROzz"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebeab35f3-FRA
expires
Wed, 24 Jul 2024 10:21:34 GMT
hi-there-im-jess.png
playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/hi-there-im-jess.png
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5850cae00d242f25510ea2c9096afcb7d9303dbac9fbb228b07b52d4bd876d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10075
cf-polished
origFmt=png, origSize=20691
content-disposition
inline; filename="hi-there-im-jess.webp"
alt-svc
h3=":443"; ma=86400
content-length
13346
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Nov 2021 14:51:27 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W860IL%2B6vEBFOsCNkQzxw27zBCdj29bIM4wlAuzXTx3v4BjnUjoFL%2BJDX3K1nhZeL%2B%2BGEm67Xdoqp7xLvtc9WnJAk8k2HuAAXpYE4Zy7OwIIDzPzZ1eIFthBaJPpTn4q4c8t2Vs4F%2B1w"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1ebead35f3-FRA
expires
Wed, 24 Jul 2024 07:33:38 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e5951006a2e18d040061ff4d2c38108bd43e834f782f5643e956b21f64d2b6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c704aede1d014c046dabc777d84a5dadfe636445c6e031cb35869edcb68c2d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21c048a8cd9b9f070f0eb55abdf12204d8661ff234b8ee69f62bd53ce65c2cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
pwwb-hey-there-im-jess.png
playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/pwwb-hey-there-im-jess.png
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f976db430be760f884a1cf7f74c50a0c74db6aa8b0e2f0df073e7a046bc246e5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48575
cf-polished
origFmt=png, origSize=28769
content-disposition
inline; filename="pwwb-hey-there-im-jess.webp"
alt-svc
h3=":443"; ma=86400
content-length
16514
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Nov 2021 14:51:28 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbU0ZOdibHEOCGGrMdNLj%2F8aqZnZcDmGPmS3IfWmteWGqGQmbMuLrn8NBZ9sApBZaE%2BpIWaHRw49dW%2FFNqOqxm79D1%2BWobSO8FgirlYxw5OC3q3VkFHIBocsIOHrw1yw82OikTbSaNye"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1efeda35f3-FRA
expires
Tue, 23 Jul 2024 20:51:58 GMT
hey-there.png
playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/hey-there.png
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040df2de459a31b8c1be3ca2a98fcaa51b390a9611a57489c8302df832c99bed
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56594
cf-polished
origFmt=png, origSize=13029
content-disposition
inline; filename="hey-there.webp"
alt-svc
h3=":443"; ma=86400
content-length
7900
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Nov 2021 14:51:28 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6d9X3HMIZgkgqpn2cC8%2B%2FdknyfRAdpDjZ5YHKUgwKVqUJLag3CXJ56xeuj4ycNApXV078rATg0fiezSqNViMICNzkJqRbSZXdCN3P3UBXI%2F30YWoRZGUPsT7246HXBW%2BzjC%2FYgOoulz"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1efedb35f3-FRA
expires
Tue, 23 Jul 2024 18:38:19 GMT
topposts-bullet.jpg
playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/ 		170 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/themes/hayes-pwwb/assets/images/topposts-bullet.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e10b1ef55964c3ab2aba11681d2fd62324c132a47a7280edfa781c80d1fcc1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48574
cf-polished
qual=85, origFmt=jpeg, origSize=8274
content-disposition
inline; filename="topposts-bullet.webp"
alt-svc
h3=":443"; ma=86400
content-length
170
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Nov 2021 14:51:29 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FYX%2B5fXNMX2uMaoxnnfW4nl%2BdDmxYIGh8%2F%2FN2SZMfhtCIv78mUc3ArNeyokCKHWN2JLiJVbnk8SyJoBEgyUMgF3ftCq6ybygSySebn5GJXrAh9sss2ZZ%2B3ur2gpnBxajLy9cO9EJS4U"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1efedc35f3-FRA
expires
Tue, 23 Jul 2024 20:51:59 GMT
abd.js
ads.adthrive.com/abd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
gzip
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 10:21:33 GMT
x-amz-cf-pop
FRA60-P3
age
2254
x-cache
Hit from cloudfront
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
s77Aq-_FH8C8VeNjvdFsLGdlGf3MTKh5gmI3-1sG-oom8kOpq6AdDA==
page-boot-data
c05f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F
  • https://c05f.app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F
0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c05f.app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Server
2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playswellwithbutter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-powered-by
Express
server
cloudflare
etag
W/"2830-SaoSUUP1BziLtg17mShOEXdnE/0"
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-slickstream-consent
cache-control
public, max-age=900
vary
Accept-Encoding
x-ss-serverid
c05-app-b6cd89b77-j2pwf
x-slickstream-consent
ask
cf-ray
86a66a217d1a2bad-FRA

Redirect headers

date
Tue, 26 Mar 2024 10:21:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
EXPIRED
x-powered-by
Express
content-length
130
cdn-cache-control
public, max-age=3600
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c05f.app.slickstream.com/d/page-boot-data?site=816ENX7H&url=https%3A%2F%2Fplayswellwithbutter.com%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-697846cc8f-bbk5n
x-slickstream-consent
ask
cf-ray
86a66a1f5c9b9c00-FRA
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=107328405&post=0&tz=-5&srv=playswellwithbutter.com&j=1%3A13.2.1&host=playswellwithbutter.com&ref=&fcp=694&rand=0.08305537194940693
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 26 Mar 2024 10:21:33 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
3-Hour-Thanksgiving-Campaign-Photos-114-e1635701439880.jpg
playswellwithbutter.com/wp-content/uploads/2018/11/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2018/11/3-Hour-Thanksgiving-Campaign-Photos-114-e1635701439880.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0673c8fa01802acb0ef36e4f48cf7fc4025dfe1bd8d732a9ab067388bd2f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9875
cf-polished
qual=85, origFmt=jpeg, origSize=151133
content-disposition
inline; filename="3-Hour-Thanksgiving-Campaign-Photos-114-e1635701439880.webp"
alt-svc
h3=":443"; ma=86400
content-length
124572
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 31 Oct 2021 17:30:39 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tffFLOnoG%2BzRYCwZmYb2wGOWyjHwfe9ty4ZQ0SQNQN9U9claDu3lUqp8RyrNIDErWeuqzU1cKMab0epsOKKP%2BM4fLOa%2BV2ltTuK%2FuymQd5PRsHqh9G8Ub6gctOwf%2BTuDuUwg823nHs01"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1f2ef835f3-FRA
expires
Tue, 02 Apr 2024 07:36:58 GMT
Sign-Up-our-FREE-Best-of-Grilling-Recipes-Emails-13.jpg
playswellwithbutter.com/wp-content/uploads/2022/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://playswellwithbutter.com/wp-content/uploads/2022/03/Sign-Up-our-FREE-Best-of-Grilling-Recipes-Emails-13.jpg
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57289dc07e3d65432c045768b897d8882764f4f8527a173de35e95dca09ecdba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35567
cf-polished
qual=85, origFmt=jpeg, origSize=10359
content-disposition
inline; filename="Sign-Up-our-FREE-Best-of-Grilling-Recipes-Emails-13.webp"
alt-svc
h3=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Mar 2022 16:52:50 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD%2Bs7ZmqoJLH3XAr5EqVbUp4r9NWQsoDE0yi%2BF9x%2FUUrjsiF7rnRrws5FvlfRKVazwN%2FjQwBErkV5T%2BI7fIaaIXZ0pxDfghVlW9tCl1%2FHyzLs8BBUDJCw1SuCVVReVsHC4RMoU7gntOk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a1f2efa35f3-FRA
expires
Tue, 02 Apr 2024 00:28:46 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-82213937-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C34G3Y5THS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efdbfcbb6773ac66e643b6aba39c8ec56d90be940e6c75e4d95e93b0379c4413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68720
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Mar 2024 10:21:33 GMT
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C34G3Y5THS&gtm=45je43p0v889986415za200&_p=1711448493857&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=497353554.1711448494&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711448493&sct=1&seg=0&dl=https%3A%2F%2Fplayswellwithbutter.com%2F&dt=Plays%20Well%20With%20Butter%20%7C%20Unfussy%20%26%20Flavor-Filled%20Recipes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=760
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C34G3Y5THS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 10:21:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://playswellwithbutter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82213937-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Mar 2024 09:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 26 Mar 2024 11:38:42 GMT
marmalade
ads.adthrive.com/api/v1/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5d306c05b70365714dd7c0c3&url=https%3A%2F%2Fplayswellwithbutter.com%2F&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ads.min.js?referrer=https%3A%2F%2Fplayswellwithbutter.com%2F&cb=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
/
Resource Hash
d8937c0837960dc9fe8d96507a1d8bbd13fac9096314e40a6c194fe96fa88529

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
content-encoding
br
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-trace-id
Root=1-6602a1ae-27d4ea84460f565309c69717;Parent=0155cf1935851721;Sampled=0;lineage=e948d84a:0
x-amzn-requestid
78781392-e6c0-4773-891f-4dc449ca4f60
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
x-amz-apigw-id
VO4zSEg3oAMEphQ=
x-amz-cf-id
zQkqYR4gaB80HTf-cWvVSvRFEMOAVjVCXGfiTHO537D6CUKS2jQSsw==
5d306c05b70365714dd7c0c3
ads.adthrive.com/api/v2/raptiveFloors/ 		82 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/5d306c05b70365714dd7c0c3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ads.min.js?referrer=https%3A%2F%2Fplayswellwithbutter.com%2F&cb=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
/
Resource Hash
a24211cfe40e0ecd9bf49b8e70fa5d5f8fcb05a704426606edac144a6dbd7f39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 08:41:13 GMT
content-encoding
br
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
6021
x-amzn-trace-id
Root=1-66028a29-7d07b60575c76f1d66b6fd52;Parent=5b737b16c7e4d717;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
e503a5c2-8c71-4dbc-b791-f2e58ddba175
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
VOqGfGcKIAMEZKQ=
x-amz-cf-id
c6aH4qhlxHE7SNnvA2nDiSOJDp3Bj0wIgkj8rpVJPSrAzwkIPrcxJQ==
adthrive.min.js
ads.adthrive.com/builds/core/e1de60f/es2018/js/ 		798 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ads.min.js?referrer=https%3A%2F%2Fplayswellwithbutter.com%2F&cb=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
fdb2a6709bb96949ff513d5305a487bf39ef2bd16bb8b54ac301c821c88ff968

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 00:21:29 GMT
content-encoding
br
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
36005
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
qOt4KIJoWeKBPzB6go-aEWTC_G4lv7-GBfCXwjaJ_jX3jSYzerQiYA==
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=933131230&t=pageview&_s=1&dl=https%3A%2F%2Fplayswellwithbutter.com%2F&ul=en-us&de=UTF-8&dt=Plays%20Well%20With%20Butter%20%7C%20Unfussy%20%26%20Flavor-Filled%20Recipes&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=499108342&gjid=1965465021&cid=497353554.1711448494&tid=UA-82213937-1&_gid=1556051879.1711448494&_r=1&gtm=457e43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1735737181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://playswellwithbutter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82213937-1&cid=497353554.1711448494&jid=499108342&gjid=1965465021&_gid=1556051879.1711448494&npa=1&_u=YADAAUAAAAAAACAAI~&z=965963682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://playswellwithbutter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cropped-pwwb-32x32.png
playswellwithbutter.com/wp-content/uploads/2023/07/ 		282 B
889 B 		Other
General
Check archive.org
Download Go to
Full URL
https://playswellwithbutter.com/wp-content/uploads/2023/07/cropped-pwwb-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f48a6f6a5a700670fc0b702699ef3f94fd71440bfb3947aa9e4964439e8581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35584
cf-polished
origFmt=png, origSize=418
content-disposition
inline; filename="cropped-pwwb-32x32.webp"
alt-svc
h3=":443"; ma=86400
content-length
282
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 17:59:52 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNFnFSLcKmFc7BY70dYR0MY7yiJ5NF9B2lxbNBmW5aFikOgHviTa5BEysiWBz910r3esc71GiKgcR7VGT%2Bb%2FZm0pQ%2FprBPqec04uc58Tx220J758B9l8HimPIwAudANbYryssMiwvB0n"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86a66a22da0d35f3-FRA
expires
Tue, 02 Apr 2024 00:28:30 GMT
i.html
ads.adthrive.com/builds/core/e1de60f/html/ Frame 6E46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/e1de60f/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://playswellwithbutter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
1270
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 26 Mar 2024 10:00:24 GMT
etag
W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified
Thu, 21 Mar 2024 18:27:37 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id
6MEA9YJv9tX7HoDdqPsyFi86MMv51RsTJXO_kZmIhHU2d4Tjz03-sw==
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
Z6xy4fEUyp1CiJSTcxZ2YAmsGaa4VgOQ
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/e1de60f/gdpr/vendor/prebid/es2018/ 		640 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/e1de60f/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7e3161a8805260b08ae421eb3f4834153e234b8aeb0c668bea8f4adcc874c37

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
mc.lBdkfyU47eZvRIk31xoCKr4egeQEf
content-encoding
br
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 10:00:42 GMT
last-modified
Thu, 21 Mar 2024 18:27:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1253
x-amz-server-side-encryption
AES256
etag
W/"9e39d288b5764454d647891ba1dcbebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
WPCjJ0wdJG4DXGs9J0bi8UYw1FZRP_t8UEwNx6bUGTeStxu56lK8Fw==
apstag.js
c.amazon-adsystem.com/aax2/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 09:31:33 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 17:06:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3002
x-amz-server-side-encryption
AES256
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
H1i_kjLvCaiBOWn5Dy73-vCeldvA9UCVSIK-zMkIhJL1vrXWJvdNFg==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ 		478 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
086bf7c3e30196f305c87baf9f9d0e1f7e61268bf8d741ec1cad31cad97b13e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
h7raAlomITfo0tVY68kSPMO3wLCpEzcw
content-encoding
gzip
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 01:11:23 GMT
x-amz-cf-pop
FRA56-P7
age
33012
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Wed, 22 Nov 2023 06:43:46 GMT
server
AmazonS3
etag
W/"6194cda277579bac72f5f53cd116668e"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
PrObvOaXgNjXmRhYt5qlARpYTuILijQM3_5qPuog7Ckm-aPtfwE27Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee97f69afc47658973fe28af954d2142fa733124dffce611d9bfbaa007e5e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29208
x-xss-protection
0
server
cafe
etag
560 / 19808 / 31082082 / config-hash: 8986588044495404927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:21:34 GMT
boot-loader.js
c.slickstream.com/app/2.13.79/ 		0
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.slickstream.com/app/2.13.79/boot-loader.js
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:35 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 25 Mar 2024 17:38:21 GMT
server
cloudflare
x-amz-request-id
A2MA4V64JX7JP9GB
etag
W/"c5df3f6e14b9f3eecaa06787fe088506"
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
cf-ray
86a66a23bee12bad-FRA
x-amz-id-2
jNvKTxmF5IUgJLECjMamG9OjgmgARik+8FC+BPaZZLPz4DPQpSpji6v9Aw1zbLmpYSDMuJDDhNU=
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 07:42:29 GMT
x-amz-cf-pop
FRA56-P6
age
11360
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-QGlZ5PcXPumhna7y6WcJhfAVZ8Zt_r6LfV0Sh6RfG6hdWZS7XFgMg==
gdpr.bundle.js
gdpr.privacymanager.io/latest/ 		136 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3600:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Y_FI2tHwceecL4aCNm0w90ZTQwQBXlnf
content-encoding
br
via
1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 09:22:29 GMT
last-modified
Wed, 03 Jan 2024 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
3546
x-amz-server-side-encryption
AES256
etag
W/"97a8e6b3690e415e6982e057a4ec3a39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
ptBXgvi1LAJhSdltz2U9zgUM1or7sFcHL4aJmlGHLeyOqaFnGTqPog==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 09:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3546
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141049
x-xss-protection
0
server
cafe
etag
7927512453849819874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 26 Mar 2025 09:22:28 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ 		106 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ae360b492938839aa51056cf0c65a17b3d3c920e183b33b6577cf9ad71f0f47

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://playswellwithbutter.com/
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lWnI6BCIpITJpDe4yRaoUCXAYFnK96ni
content-encoding
gzip
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 10:02:55 GMT
x-amz-cf-pop
FRA56-P7
age
1120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 25 Mar 2024 17:40:01 GMT
server
AmazonS3
etag
W/"b2a036b759000237767bc3efe8c72831"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
sslg-b_DaK4TN_QQx6dkn0auih7j0QC1_BWCygEOtUdtISQ-2LiwdA==
/
geo.privacymanager.io/ 		30 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://playswellwithbutter.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 19:08:04 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1, FRA60-P3
age
54810
x-amzn-requestid
4e65f3dc-44c5-4d8e-9f95-6db014ea0c3c
x-amzn-trace-id
Root=1-6601cb94-65f4cf6a1107c798135245d8;Parent=1270dff3ea9108d9;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
VMy_LFvCjoEEVwQ=
content-length
30
x-amz-cf-id
7N_O7vZSCyZIx4PKELuVHbquFClGi8u8U8tQkwDqZRflg9ORr-UfXw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://playswellwithbutter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
1570
content-length
0
date
Tue, 26 Mar 2024 09:55:25 GMT
server
AmazonS3
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-id
RY6taxNB09nfoCAl4ltLTUEIdXOLnIFmAqxGZYfNuNrN18vH_lEnYA==
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://playswellwithbutter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 26 Mar 2024 10:21:34 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront), 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id
VO4zXEJSjoEEU4w=
x-amz-cf-id
MD73ZJgkfM-x4sFa-tlTF2rc6RJnxjNPqPvJmYHOGnrV1aJsA2CJ0w==
x-amz-cf-pop
FRA50-C1 FRA60-P3
x-amzn-requestid
2b2500b3-0290-49a6-8ecd-a058bcaee27d
x-cache
Miss from cloudfront
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame F69E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-22.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://playswellwithbutter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
118562
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Mon, 25 Mar 2024 01:25:33 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-amz-cf-id
RqJe_16T7WQqSHd_iTLle1cHc5GevzfOg7qMUBe47LHwwpRi2V9B4g==
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront
vi3qvLwx
cdn.jwplayer.com/v2/playlists/ 		161 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/vi3qvLwx?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9c12844c4385e75504db836bf7d5f6a688e2123c6abf039dd1970431137f5f82

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:35 GMT
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
20192
x-amz-cf-id
BKOSV7Ky_cDobVtX63PJGMlDLSPpZNPrs0CJCo3Tnpz1MVe-HQaIAA==
expires
Tue, 26 Mar 2024 10:24:35
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		280 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8998d7a011e632823ee590d6023e4bd3d7d9054aa0e4a612611212db10521f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2024 09:06:37 GMT
server
cloudflare
x-amz-request-id
HKRKXF3S7VAC772B
age
90
etag
W/"6aefeaf1c65f2ff2ba63a819b6decd41"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
86a66a261c6f2bb4-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KYCTD9ZINSZX6VKgDCra6s993/GDfFwFyumA6beJAQ56TKRJH0mqwhWAf18nF/Yc/SwxBPUC9qQ=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 		286 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3435b49596ce82bc24cacc88215a1b0541a41a2a8bf8e8a000c7ec0fa0316cb9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
O_Qe7ixyu3ZZzqWsPz4MrWksQWKlcVD.
content-encoding
gzip
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 01:31:31 GMT
x-amz-cf-pop
FRA60-P7
age
31805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Thu, 29 Feb 2024 17:29:28 GMT
server
AmazonS3
etag
W/"0ae77510870d95a6240b7b95a7fea0f9"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
PPBTQ1P1Ypxs6plaeM8QrNv79Ae11weg4PupzjHMg5zRjnAhF_kNpw==
ads.min.css
ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5d306c05b70365714dd7c0c3/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-91.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
3810fe4a5101ff7f4a2a876f7a65ed9333e3c7e52e3566afbe5526480a1a6468

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:40:18 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
56477
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
tXzTQxflaizMXcCbNGbzHqTEgvjUabMBI-cleBlSrlORLDva0sPstQ==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:06:12 GMT
via
1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
923
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
SgpxjJKQKcsImZcNa51PdXU2sbnEazHUAFoi-csdSKJBdw36RixVpg==
config
c.amazon-adsystem.com/cdn/prod/ 		339 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fplayswellwithbutter.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1d0d9e2523056b4f82c369b8cc81699f218b1f02964a8652862bde244725f772

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:01:06 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
12029
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://playswellwithbutter.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
339
x-amz-cf-id
SnhyDM3avWSUKCm0vYWLyiD_DsAx1TP9HTdO0HL3GMG1IVVGnebcjA==
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ 		60 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/e1de60f/es2018/js/adthrive.min.js?deployment=2024-03-25-1:e1de60f:con&bucket=flex-01&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5d306c05b70365714dd7c0c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.166.211.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-211-95.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
66f7749c95e3e4d682be71f3e9adf9c9495ae53e3e651a200d4b7d43a7844c50

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://playswellwithbutter.com
date
Tue, 26 Mar 2024 10:21:36 GMT
access-control-allow-credentials
true
content-length
60
vary
Origin
content-type
application/json; charset=utf-8
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.166.211.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-211-95.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://playswellwithbutter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://playswellwithbutter.com
access-control-max-age
86400
date
Tue, 26 Mar 2024 10:21:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fplayswellwithbutter.com%2F&pid=vKSadcnD2QO1a&cb=0&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5d306c05b70365714dd7c0c3%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A7%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C5d306c05b70365714dd7c0c3%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.221.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-221-174.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P10
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://playswellwithbutter.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
TlLCzd0D1q6YHRTsQNeihfsua9CZSmrO2aJ-Pni4HWhAW-oBhXD2NA==
bid
aax.amazon-adsystem.com/e/dtb/ 		99 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fplayswellwithbutter.com%2F&pid=vKSadcnD2QO1a&cb=1&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A4%2C%22id%22%3A%22AdThrive_Video_StickyOutstream_1_desktop%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C5d306c05b70365714dd7c0c3%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.221.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-221-174.fra60.r.cloudfront.net
Software
Server /
Resource Hash
2122b11e1508b63af765b4a938d5a5b27a7e51538ec6a98a1a03b822e66cfdf1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:34 GMT
via
1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P10
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://playswellwithbutter.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
99
x-amz-cf-id
w-1k6zsc9DJvwCXc4nTSftcw-HWMOqRFNSiQZpggDIiVoWZ5q0WN9A==
8e0c87cc-82e7-441b-89c3-d2470280da14
https://playswellwithbutter.com/ 		16 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://playswellwithbutter.com/8e0c87cc-82e7-441b-89c3-d2470280da14
Requested by
Host: playswellwithbutter.com
URL: https://playswellwithbutter.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af85b32f84edcabc47f31b6c878a727bb045f5fb793b5ee4da4bf86b7d866222

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
15903
Content-Type
text/javascript
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 		300 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:21:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
x-amz-request-id
T8TFZ6C27MHFWSZA
age
1095693
etag
W/"3d93a0af15b12fc9dbbc93edd96a2b7f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
86a66a267cd12bb4-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qe5pINtN1tMwG9BT7PWPlSei3inR5UMjsBLH3sZ4nov1o2n7Hsryr0k6Q2L5MF/bHC8Pso2Wvkbd5sSvm+Ai3YuOzz/oPjbd
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://playswellwithbutter.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.0smH5v3yC0Mj5CY0Yn4_OXkkced__tN
content-encoding
br
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 09:38:00 GMT
last-modified
Mon, 26 Feb 2024 08:21:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2616
x-amz-server-side-encryption
AES256
etag
W/"a92f9ecbaf5821d1d35c439a0dc33104"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
nfxnWPNOxFl4_qXIFuN0-zgnU7jU1l4ki2lj621155NowyhugfDK5g==

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onpagereveal undefined| href object| adthriveCLS object| adthrive undefined| $ function| jQuery object| WebFont function| gtag object| dataLayer object| $slickBoot object| cls_disable_ads object| cls_header_insertion object| convertkit_broadcasts object| convertkit object| _stq object| lazyLoadOptions function| st_go function| linktracker_init object| wpcom function| LazyLoad object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| GoogleAnalyticsObject function| ga boolean| gtag_enable_tcf_support function| __tcfapi object| gaplugins object| gaData object| pbjs object| apstag object| _pbjsGlobals object| _aps boolean| apstagLOADED object| cmp object| cmpConfiguration object| nodeScript object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| _comscore object| confiant object| apscustom object| launchPad object| launchPadConfiguration function| __launchpad function| addEventListenerBase

10 Cookies

Domain/Path Name / Value
.playswellwithbutter.com/ Name: _ga_C34G3Y5THS
Value: GS1.1.1711448493.1.0.1711448493.0.0.0
playswellwithbutter.com/ Name: __adblocker
Value: false
.playswellwithbutter.com/ Name: _ga
Value: GA1.2.497353554.1711448494
.playswellwithbutter.com/ Name: _gid
Value: GA1.2.1556051879.1711448494
.playswellwithbutter.com/ Name: _gat_gtag_UA_82213937_1
Value: 1
playswellwithbutter.com/ Name: gdpr-auditId
Value: f199f0ad4aa04c0b91b0cdb490b12036
playswellwithbutter.com/ Name: geo-location
Value: {"country":"DE","region":"BY"}
playswellwithbutter.com/ Name: ccuid
Value: 740a18a1-27b8-4694-8c12-3ac2f2d323dc
playswellwithbutter.com/ Name: ccsid
Value: 5c724ec8-eff8-48cd-a8a8-0c4e46cd08cc
.ccgateway.net/ Name: ccuid
Value: 740a18a1-27b8-4694-8c12-3ac2f2d323dc

1 Console Messages

Source Level URL
Text
other warning URL: https://playswellwithbutter.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ads.adthrive.com
app.slickstream.com
c.amazon-adsystem.com
c.slickstream.com
c05f.app.slickstream.com
cdn.confiant-integrations.net
cdn.jwplayer.com
cmp-consent-tool.privacymanager.io
config.aps.amazon-adsystem.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
pb-ing.ccgateway.net
pixel.wp.com
playswellwithbutter.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
108.138.6.136
13.32.27.70
13.32.99.122
13.32.99.27
13.32.99.91
13.33.221.174
172.64.144.166
172.67.73.202
18.172.112.22
18.245.31.65
192.0.76.3
2001:4860:4802:32::36
2600:9000:225e:4400:1:a3fa:7cc0:93a1
2600:9000:2491:7e00:11:2a6a:9480:93a1
2600:9000:275b:3600:16:f82a:8600:93a1
2606:4700:10::6816:2e76
2606:4700:10::ac43:1e71
2606:4700:e6::ac40:ce26
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:81c::2002
2a00:1450:400c:c1d::9a
3.160.150.11
35.166.211.95
040df2de459a31b8c1be3ca2a98fcaa51b390a9611a57489c8302df832c99bed
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086bf7c3e30196f305c87baf9f9d0e1f7e61268bf8d741ec1cad31cad97b13e9
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
12cbee4ee48d33f3a384faa8fca7f0b57acb8f17069fcafaff397fccce63827f
1d0d9e2523056b4f82c369b8cc81699f218b1f02964a8652862bde244725f772
1e5951006a2e18d040061ff4d2c38108bd43e834f782f5643e956b21f64d2b6f
1f9b3a0e5c9c2623a4bb9e370f1a26396836c2a405c91bebead2d131f8c9b0e8
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
2122b11e1508b63af765b4a938d5a5b27a7e51538ec6a98a1a03b822e66cfdf1
21c048a8cd9b9f070f0eb55abdf12204d8661ff234b8ee69f62bd53ce65c2cc0
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c
29afc63af789eca743cad003039be307ef7f46a7f5d2f48b041ef6bdd4caef58
32ca40ac7bffc14e3cd37d785d5f86a548609995a8b8375bfb5d9e21f55bc97b
3435b49596ce82bc24cacc88215a1b0541a41a2a8bf8e8a000c7ec0fa0316cb9
3810fe4a5101ff7f4a2a876f7a65ed9333e3c7e52e3566afbe5526480a1a6468
3c8998d7a011e632823ee590d6023e4bd3d7d9054aa0e4a612611212db10521f
3fdfc454832665c924aed9a8a569e7e36b2d4180c9e4073d146916523bfbc3ca
42f48a6f6a5a700670fc0b702699ef3f94fd71440bfb3947aa9e4964439e8581
431c75ec28f0c98876a32b9aec29dca52acf81603b9ff2dc32e9b53323a886c7
4ae360b492938839aa51056cf0c65a17b3d3c920e183b33b6577cf9ad71f0f47
4c704aede1d014c046dabc777d84a5dadfe636445c6e031cb35869edcb68c2d2
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510
57289dc07e3d65432c045768b897d8882764f4f8527a173de35e95dca09ecdba
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c
5d30ca747551c60531d0c6998e6e820974c9d18d29391e4c0e6f841f9edad4cd
5ee97f69afc47658973fe28af954d2142fa733124dffce611d9bfbaa007e5e58
66f7749c95e3e4d682be71f3e9adf9c9495ae53e3e651a200d4b7d43a7844c50
6b3a91a4801dab805c93141a2fcfbc603314d5d057a6e4cbc2a99fda1ed953fc
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5850cae00d242f25510ea2c9096afcb7d9303dbac9fbb228b07b52d4bd876d
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
71f525ae80dcd02cf18ec8ebfb70c0f08a2b6121c28c722f1823447b8be6f263
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
82eae0d144c09790c702c0a6cc2914ba9414c0b7cb0e872423d61f246251858e
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
9105194c62741a98f4e37ce4229c6ae9e7002ef5cc23fd20ee1ec4646c703477
91e10b1ef55964c3ab2aba11681d2fd62324c132a47a7280edfa781c80d1fcc1
9ae1965a322f978eab718b987cc240c6e00e0550bc377e72995bba9a270925ee
9c12844c4385e75504db836bf7d5f6a688e2123c6abf039dd1970431137f5f82
9e0673c8fa01802acb0ef36e4f48cf7fc4025dfe1bd8d732a9ab067388bd2f6e
a24211cfe40e0ecd9bf49b8e70fa5d5f8fcb05a704426606edac144a6dbd7f39
a807ac96cbf22bba00e127ce9268c82a43f2840908e40acbae1d708a6a0d193e
a8c3a9ed7809edccfd1c92450c05f816b134bb6bf71e54c9fdac6556c0d553e6
af2b132b88f13321aeaff493671e1efbeceaf5fbb86dd8ef8364388002f0b438
af85b32f84edcabc47f31b6c878a727bb045f5fb793b5ee4da4bf86b7d866222
b4cf7b1e4fe7fa81d8d2766160c335d57cd22ba10ccd18eb34f41c097b8d8bb9
b4e69e1a851c7895e6bf6184fe3cc9c51a9f245d0fe1a9d9c48152d013ddc3d0
b560f31ad47e6b88ecd1a1b0b6841ce595cff73988cea8c20ee1a6d99f5c2ea5
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52
c5ffdeee29268883e01b91941b34c41a137f881e757b0da631f84e4e3a64af0e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d6765ae440ad5262b08dec4405f38eaf1c15c6e31c2f01f1d6d2d89c8f0386c8
d8937c0837960dc9fe8d96507a1d8bbd13fac9096314e40a6c194fe96fa88529
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
ec4b9eb37c1ff54e1c9b5563190187d734240b6cde864e485a1ef7b4fd01bf73
efdbfcbb6773ac66e643b6aba39c8ec56d90be940e6c75e4d95e93b0379c4413
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f441afa90396b18f29fdaf4b2d83ffeffbd53eff17982ebfe0a1e316f55c39ba
f7e3161a8805260b08ae421eb3f4834153e234b8aeb0c668bea8f4adcc874c37
f976db430be760f884a1cf7f74c50a0c74db6aa8b0e2f0df073e7a046bc246e5
fdb2a6709bb96949ff513d5305a487bf39ef2bd16bb8b54ac301c821c88ff968