www.inswaves.com Open in urlscan Pro
2606:4700:4400::6812:211b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7Ufin...
Effective URL:
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?u...
Submission: On May 19 via api (May 19th 2022, 2:53:04 am UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 103 HTTP transactions. The main IP is 2606:4700:4400::6812:211b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.inswaves.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 7th 2021. Valid for: a year.

This is the only time www.inswaves.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1 1	2606:4700:440... 2606:4700:4400::6812:21e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:440... 2606:4700:4400::6812:211b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
18	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
103	21

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

paid.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.instarwaves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::6812:211b (United States)

ASN13335 (CLOUDFLARENET, US)

www.inswaves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	473 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	137 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	158 KB
9	inswaves.com www.inswaves.com	199 KB
6	outbrain.com paid.outbrain.com — Cisco Umbrella Rank: 8084 amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com — Cisco Umbrella Rank: 2072	6 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 ajax.googleapis.com — Cisco Umbrella Rank: 295	34 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	166 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7678 www.google.de — Cisco Umbrella Rank: 5483	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	71 KB
1	bahn.de at.bahn.de — Cisco Umbrella Rank: 63473	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	645 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1727	1 KB
1	instarwaves.com 1 redirects www.instarwaves.com — Cisco Umbrella Rank: 797919	522 B
103	15

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	www.inswaves.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net paid.outbrain.com www.googletagservices.com
9	www.inswaves.com	paid.outbrain.com www.inswaves.com
7	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	tr.outbrain.com	www.inswaves.com
4	fonts.googleapis.com	www.inswaves.com googleads.g.doubleclick.net
3	www.google.com	1 redirects www.inswaves.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.inswaves.com
1	at.bahn.de	paid.outbrain.com
1	www.google.de	www.inswaves.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	amplify.outbrain.com	www.inswaves.com
1	secure.gravatar.com	www.inswaves.com
1	ajax.googleapis.com	www.inswaves.com
1	www.instarwaves.com	1 redirects
1	paid.outbrain.com
103	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2021-12-06` - `2022-12-30`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Frame ID: 30D1F6F83521D87EE403FEA739B3201D
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html
Frame ID: 97B5D276255338878ADC7DDCFA05335C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778776&bpp=4&bdt=222&idt=68&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=2130442373255&frm=20&pv=2&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUt9Ywqcxk&p=https%3A//www.inswaves.com&dtd=83
Frame ID: 2475B60A20B579F1335133A8407D24C5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778780&bpp=1&bdt=226&idt=94&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K85mr7qI50&p=https%3A//www.inswaves.com&dtd=98
Frame ID: 1B7B142A6226B632395FA285D8FDA37F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778781&bpp=1&bdt=227&idt=100&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alXhC7MaTN&p=https%3A//www.inswaves.com&dtd=103
Frame ID: 8A56921FF531791B8F23B8AE2CF770B0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&adk=1812271804&adf=3025194257&lmt=1652892084&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778793&bpp=1&bdt=239&idt=93&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=99
Frame ID: 928123C2ED98C2FD0AE4EF10799EE25F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: AC54464C08AA048FA7229FB22424AF92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A45AFB9878EAE5F297E8F24CC00D58A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 52C0480170DABEB2D434A9AB41584663
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: E8E8CFF16DEA975CA7E8843D22AE0073
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: B7B3419334D9630056EB528452D98854
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: EEF5877F880A0C8842D6DA186C916ABA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7ABFC7414A9EA0285E310A322DE69A38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F7FC4AA9E31D92DD6F7649C03559D355
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

50 Celebs With Their Parents And Grandparents Who Inherited More Than Good Looks - Inswaves

Page URL History Show full URLs

http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwX... Page URL
https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-... HTTP 301
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

99 %
HTTPS

76 %
IPv6

15
Domains

23
Subdomains

21
IPs

4
Countries

1271 kB
Transfer

3157 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7ZhDcEujp10CAvA3Ar2bwiQO3XuM3m0had1pt73hG73kg4UVhPJ5qSEvy8wirPYqHGAP-hIYHPMQaI_Qf6b7EVbZ_az-2aVO3oo1jIM-5alIvd1Cn0OBjayz4WZK8wk2jSXxP8rIGLLsLM8UrXsX8ERz7L5sNJk-c8Z9mAWZa1Y40ATqYrafnkBwh6F6uSEa96UsNPQPFgeH_NcHcgWJFPtN&c=4a308e1f&v=3 Page URL
https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true HTTP 301
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

103 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK redir Show response
paid.outbrain.com/network/ 2 KB
1 KB 208ms
183ms Document
text/html 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7ZhDcEujp10CAvA3Ar2bwiQO3XuM3m0had1pt73hG73kg4UVhPJ5qSEvy8wirPYqHGAP-hIYHPMQaI_Qf6b7EVbZ_az-2aVO3oo1jIM-5alIvd1Cn0OBjayz4WZK8wk2jSXxP8rIGLLsLM8UrXsX8ERz7L5sNJk-c8Z9mAWZa1Y40ATqYrafnkBwh6F6uSEa96UsNPQPFgeH_NcHcgWJFPtN&c=4a308e1f&v=3
Protocol: HTTP/1.1
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e8a2a133639aa2fb3ad62e225ff028cbce4e3ac95a5a7f81f57691731a0cc47

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 579
Content-Type: text/html;charset=utf-8
Date: Thu, 19 May 2022 02:52:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Pragma: no-cache
Traffic-Path: NYDC1, LGA, FRA, Europe1
Vary: Accept-Encoding, User-Agent
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Served-By: cache-lga21943-LGA, cache-fra19174-FRA
X-Timer: S1652928778.215583,VS0,VE176
X-TraceId: 89db968146ae1bb46836296feea9c984

GET
H2

200

Primary Request / Show response
www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/
Redirect Chain

https://www.instarwaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=0...
https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=0041...

29 KB
8 KB

64ms
18ms

Document
text/html

2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Requested by: Host: paid.outbrain.com
URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7ZhDcEujp10CAvA3Ar2bwiQO3XuM3m0had1pt73hG73kg4UVhPJ5qSEvy8wirPYqHGAP-hIYHPMQaI_Qf6b7EVbZ_az-2aVO3oo1jIM-5alIvd1Cn0OBjayz4WZK8wk2jSXxP8rIGLLsLM8UrXsX8ERz7L5sNJk-c8Z9mAWZa1Y40ATqYrafnkBwh6F6uSEa96UsNPQPFgeH_NcHcgWJFPtN&c=4a308e1f&v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125a8dc10ab58283f31910ebd4ab77b0d95b2e4ea865a72161c06bc3176eb654

Request headers

Referer: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7ZhDcEujp10CAvA3Ar2bwiQO3XuM3m0had1pt73hG73kg4UVhPJ5qSEvy8wirPYqHGAP-hIYHPMQaI_Qf6b7EVbZ_az-2aVO3oo1jIM-5alIvd1Cn0OBjayz4WZK8wk2jSXxP8rIGLLsLM8UrXsX8ERz7L5sNJk-c8Z9mAWZa1Y40ATqYrafnkBwh6F6uSEa96UsNPQPFgeH_NcHcgWJFPtN&c=4a308e1f&v=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36694
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 70d98a21ce0d903a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:52:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 May 2022 06:52:58 GMT
last-modified: Wed, 18 May 2022 16:41:24 GMT
link: <https://www.inswaves.com/?p=9066>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-pingback: https://www.inswaves.com/xmlrpc.php

Redirect headers

cache-control: max-age=3600
cf-ray: 70d98a216dbd9131-FRA
date: Thu, 19 May 2022 02:52:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 May 2022 03:52:58 GMT
location: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 02:09:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:52:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:52:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 51ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 23:29:20 GMT

GET
H2 200 autoptimize_c10820338f687ce4f7648d0c768c4550.css
www.inswaves.com/wp-content/cache/autoptimize/css/ 197 KB
35 KB 19ms
18ms Stylesheet
text/css 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/css/autoptimize_c10820338f687ce4f7648d0c768c4550.css
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e24a41622f839d43be586061da2971abaecfee51e324dc16573363dce6ab1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Dec 2021 05:42:03 GMT
server: cloudflare
age: 101998
cf-polished: origSize=202449
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 09 May 2023 02:52:58 GMT
cache-control: public, max-age=30672000
cf-ray: 70d98a224e6f903a-FRA
cf-bgj: minify

GET
H2 200 autoptimize_b6c6357df97615cbf9cc51f79364d686.css
www.inswaves.com/wp-content/cache/autoptimize/css/ 849 B
402 B 15ms
15ms Stylesheet
text/css 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/css/autoptimize_b6c6357df97615cbf9cc51f79364d686.css
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 06:32:06 GMT
server: cloudflare
age: 101998
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 09 May 2023 02:52:58 GMT
cache-control: public, max-age=30672000
cf-ray: 70d98a224e70903a-FRA
cf-bgj: minify

GET
H2 200 jquery-3.3.1.min.js Show response
www.inswaves.com/wp-content/plugins/jquery-updater/js/ 85 KB
31 KB 17ms
17ms Script
application/javascript 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/plugins/jquery-updater/js/jquery-3.3.1.min.js?ver=3.3.1
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 03:58:33 GMT
server: cloudflare
age: 101998
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 70d98a224e71903a-FRA
expires: Thu, 19 May 2022 06:52:58 GMT

GET
H2 200 autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js Show response
www.inswaves.com/wp-content/cache/autoptimize/js/ 14 B
181 B 14ms
14ms Script
application/javascript 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/js/autoptimize_single_c7118e30e58e22e72a0eca8ec9336599.js?ver=4.9.20+2.4.20
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 03:05:30 GMT
server: cloudflare
age: 101998
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 09 May 2023 02:52:58 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d98a224e74903a-FRA
content-length: 14
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
38 KB 130ms
55ms Script
application/javascript 2a00:1450:400f:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146914112-38

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

788aec3ea0a3375c138dcfca759ad0b942d00e5c985f3a274446cc8d16841c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39172
x-xss-protection: 0
last-modified: Thu, 19 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 02:52:58 GMT

GET
H2 200 inswaves.jpg
www.inswaves.com/wp-content/uploads/2021/12/ 10 KB
11 KB 30ms
29ms Image
image/webp 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inswaves.com/wp-content/uploads/2021/12/inswaves.jpg
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eec556c74dcaa309bb1a3a3e89a6da161c6760eff98fcc90984ba16a6b4900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
cf-cache-status: HIT
age: 334224
cf-polished: qual=85, origFmt=jpeg, origSize=22091
last-modified: Wed, 08 Dec 2021 06:08:35 GMT
content-disposition: inline; filename="inswaves.webp"
content-length: 10720
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70d98a22aeb4903a-FRA
expires: Thu, 19 May 2022 06:52:58 GMT

GET
H2 200 b5e36c09656b62c623209fff2aa43339
secure.gravatar.com/avatar/ 1 KB
1 KB 33ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b5e36c09656b62c623209fff2aa43339?s=50&d=mm&r=g
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 19 May 2022 02:52:58 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b5e36c09656b62c623209fff2aa43339.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b5e36c09656b62c623209fff2aa43339?s=50&d=mm&r=g>; rel="canonical"
content-length: 1128
expires: Thu, 19 May 2022 02:57:58 GMT

GET
H2 200 70.-Sandra-Bullock-and-Louis-Bullock.jpg
www.inswaves.com/wp-content/uploads/2020/09/ 55 KB
55 KB 16ms
15ms Image
image/webp 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inswaves.com/wp-content/uploads/2020/09/70.-Sandra-Bullock-and-Louis-Bullock.jpg
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f17d5ae102c682c56947b621e74afb53fd45cb33b1f665641f548223463fb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
cf-cache-status: HIT
age: 5999
cf-polished: qual=85, origFmt=jpeg, origSize=149302
last-modified: Tue, 01 Jun 2021 08:24:52 GMT
content-disposition: inline; filename="70.webp"
content-length: 56006
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70d98a22ced0903a-FRA
expires: Thu, 19 May 2022 06:52:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 65ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2ed87890b18543be60acf3c2a569f1eeee711f0b2a64b63cffa5bdcd46b582b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56173
x-xss-protection: 0
server: cafe
etag: 9302255011375203842
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 02:52:58 GMT

GET
H2 200 autoptimize_3d26145c4b68a9f7257163c4a9e7bf94.js Show response
www.inswaves.com/wp-content/cache/autoptimize/js/ 181 KB
52 KB 19ms
18ms Script
application/javascript 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/wp-content/cache/autoptimize/js/autoptimize_3d26145c4b68a9f7257163c4a9e7bf94.js
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19a6e866c779a788ffc3b4b174a12a4f794a2d0a92500ff3f3ae170944b1407a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 05:09:41 GMT
server: cloudflare
age: 22797
cf-polished: origSize=184952
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 09 May 2023 02:52:58 GMT
cache-control: public, max-age=30672000
cf-ray: 70d98a22ced1903a-FRA
cf-bgj: minify

GET
H2 200 /
www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/2/ 0
8 KB 16ms
15ms Other
text/html 2606:4700:4400::6812:211b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/2/
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:211b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-pingback: https://www.inswaves.com/xmlrpc.php
date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 May 2022 01:12:59 GMT
server: cloudflare
age: 5999
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 70d98a22ded3903a-FRA
link: <https://www.inswaves.com/?p=9066>; rel=shortlink
expires: Thu, 19 May 2022 06:52:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
33 KB 81ms
47ms Script
application/javascript 2a00:1450:400f:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR5SQCC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1476fdde38cabe2797f12e10bc6312b2bd632d25e831a3cdee5dd6375cf2501d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32998
x-xss-protection: 0
last-modified: Thu, 19 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 02:52:58 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 41ms
7ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:52:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Thu, 19 May 2022 03:12:58 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 44ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.inswaves.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 226545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:57:13 GMT

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 364ms
85ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&bust=07096854450381727
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:52:59 GMT
Cache-Control: no-cache
X-TraceId: 5ec611bbbc6df59611de543804037b95
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 371ms
86ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&bust=05528903534534406
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:52:59 GMT
Cache-Control: no-cache
X-TraceId: 52fc088e67dbaed66a3bdd1b7bb91360
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 392ms
91ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&bust=019884622597647272
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:52:59 GMT
Cache-Control: no-cache
X-TraceId: 583e6727a4386de53209dc5e12f4c706
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 402ms
94ms Image
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00efc3f0f3435b16a9b911f5bbcb6e3745,000cbe35a041ef2ade773971c34e4468aa,00822d427d9e786dfae667f209b62b6f77&obApiVersion=1.1&obtpVersion=1.6.0&name=viewcontent&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&optOut=false&ob_click_id=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&bust=08083123497208338
Requested by: Host: www.inswaves.com
URL: https://www.inswaves.com/2021/06/11/50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5/?utm_medium=CNN&utm_source=0014dace722b21ef3ebec62fc10f878c42&utm_content=004196b5c6527f94cc339ffde17a58f866&utm_campaign=ob4-0209&utm_term=CNN+Edition+%28Turner+International%29&dicbo=v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe&obOrigUrl=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:52:59 GMT
Cache-Control: no-cache
X-TraceId: bba980b60dc67373b409892a4bfb921c
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 309 KB
110 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3557543396279280&plah=www.inswaves.com&bust=31067624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78e588f105bc7faee5a66d832dc84e077039e9d38d3429e2b495e5370d6a5924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112754
x-xss-protection: 0
server: cafe
etag: 13916695106085588229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 May 2022 02:52:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/ Frame 97B5 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 18:41:51 GMT
etag: 1428802124239944296
expires: Wed, 01 Jun 2022 18:41:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 91ms
15ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.inswaves.com&callback=_gfp_s_&client=ca-pub-3557543396279280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3557543396279280&plah=www.inswaves.com&bust=31067624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

096920fd8494d1f3caea60592f0e869bfdb43d2f169498ddb7810840d4470af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2475 82 KB
30 KB 728ms
712ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778776&bpp=4&bdt=222&idt=68&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=2130442373255&frm=20&pv=2&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUt9Ywqcxk&p=https%3A//www.inswaves.com&dtd=83

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34bba77e1f0cc2be52e313449a88c2b7060c367c2722cb4cd946f055e63f5fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146914112-38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2030
date: Thu, 19 May 2022 02:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 19 May 2022 04:19:08 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B7B 82 KB
30 KB 754ms
754ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778780&bpp=1&bdt=226&idt=94&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K85mr7qI50&p=https%3A//www.inswaves.com&dtd=98

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cebb32a9a27380659d173bcdd9dde01ade8f12557f4f1fcfbf203ad7e5af1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A56 89 KB
32 KB 493ms
493ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778781&bpp=1&bdt=227&idt=100&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alXhC7MaTN&p=https%3A//www.inswaves.com&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bae025420236d897fe7f7fc530c823b78d914a2e9cc2b081840e8e858ce831a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32699
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9281 100 KB
34 KB 656ms
656ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&adk=1812271804&adf=3025194257&lmt=1652892084&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778793&bpp=1&bdt=239&idt=93&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280%2C349x280&nras=1&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=99

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e515f6f2726989b202e23d32ec8aa751bf62f4c9595c676fc57f6a68ed34ea4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35081
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1354839657&t=pageview&_s=1&dl=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&dr=http%3A%2F%2Fpaid.outbrain.com%2F&ul=en-us&de=UTF-8&dt=50%20Celebs%20With%20Their%20Parents%20And%20Grandparents%20Who%20Inherited%20More%20Than%20Good%20Looks%20-%20Inswaves&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=948855565&gjid=1140574442&cid=1947498308.1652928779&tid=UA-146914112-38&_gid=182788337.1652928779&_r=1&gtm=2ou5b0&z=1517417577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inswaves.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:52:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.inswaves.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-146914112-38&cid=1947498308.1652928779&jid=948855565&gjid=1140574442&_gid=182788337.1652928779&_u=YAhAAUAAAAAAAC~&z=133040121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inswaves.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 May 2022 02:52:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.inswaves.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
19ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146914112-38&cid=1947498308.1652928779&jid=948855565&_u=YAhAAUAAAAAAAC~&z=1276319759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:52:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 41ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146914112-38&cid=1947498308.1652928779&jid=948855565&_u=YAhAAUAAAAAAAC~&z=1276319759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:52:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 8A56 9 KB
4 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778781&bpp=1&bdt=227&idt=100&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alXhC7MaTN&p=https%3A//www.inswaves.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:35:53 GMT

GET
H2 200 fc31345c98083c03a221f59decf0a196.js Show response
www.gstatic.com/mysidia/ Frame 8A56 15 KB
6 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc31345c98083c03a221f59decf0a196.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34383f0293f28938c6b08943c19efb698457b0564e92ef2e19ee96dc6b691ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6196
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 17:27:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8A56 6 KB
670 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 02:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:52:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8A56 2 KB
984 B 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:45:01 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 8A56 6 KB
2 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 19:27:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 8A56 21 KB
9 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:43:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8A56 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:35:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A56 135 KB
42 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8A56 16 KB
7 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:14:29 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 8A56 30 KB
12 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1502314788690046352/ Frame 8A56 22 KB
22 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1502314788690046352/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da3fa534ba0f21b5c8040bcd1b691e3dc74d45f5ea2d27e9e973b853a02a08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 00:05:25 GMT
x-content-type-options: nosniff
age: 182854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22039
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:54:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 00:05:25 GMT

GET
DATA 200
OK truncated
/ Frame 8A56 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A56 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCHNhCrGFYqCMN4iN9u8Psry8wAr85Y2UatimkP-UEK2Am4vaLxABIJSupXNglbqAgpgHoAGy5MnzA8gBCakCdANHyw2OsT6oAwHIA8sEqgTFAk_Q9WYg5CSMicaKQtYuu3r6butp4NMcPQpODNdcTT1Pl8i2N7SFQ784oLV13_RjkhhGT1mbLa7jV_KTbCsMFcRqZAamo8D4uHKL4xFWHukrD1676sKpJHZA_YKYsz0o8zUbMHxXGIly5ys3jkBOA5zi1Mg95b8cc4e08tFpJzEZx5o-M7E19Z1Zm4js_H7HQGAionevA186IFgc4ZmCZLZ9azfS6EcgEHKQSbFmvt39EVAgtC6D6CZgpaghHXUOZX0EkxUPlxtEptr7x1K5DsGp7YifQfJFeY1lV_VHReVcCXaV6sjFGBIW9d5wRru4bVi8BQPR2DAww9Hm82L6E0i2E5ymUs78vDMjlkMW6zq6S4XkHz6ifAbukHbA0PTXUBtJgjpM2Vy4BXVmQYyAQ_8dzSr4SGindXUDwIlHUL0KoHwaNdbABJ3v5NDuA5IFBAgEGAGSBQQIBRgEoAYugAeJqJ-PAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELTwGNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zNTU3NTQzMzk2Mjc5MjgwGAA&sigh=8uTuWaf2J38&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=8059705922&adk=1710634035&adf=1497098137&pi=t.ma~as.8059705922&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778781&bpp=1&bdt=227&idt=100&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280%2C349x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alXhC7MaTN&p=https%3A//www.inswaves.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 May 2022 02:52:59 GMT

GET
DATA 200
OK truncated
/ Frame 8A56 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634c8862d56c627725eaf5e495d2d3e8462d93f35276c31419e5eb9eb4451e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8A56 15 KB
16 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 224619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8A56 15 KB
15 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 209594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:39:45 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame AC54 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A56 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZURXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAYQDAECg0QAyEAAEAzM_uAQDAECg0QCiEAAADAzMweQDAECg0QDSEAAAAAAAAAADAECg0QHioHMzQ5eDI4MDAECg0QGSoHMzQ5eDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAIBmZj6BQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAAwQDAECg0QBSEAAAAAAECBQDAECg0QECEAAAAA4BzgQDAECg0QESEAAAAAQKrSQDAECg0QEiEAAAAAAAAcQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAIBmZmqCQDAECg0QFCEAAAAAQLPkQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAMDMzOiCQDAECg0QMiEAAAAANDPTPzAECg0QMyEAAAAANDPTPzAECg0QNCEAAAAANDPTPzAECg0QNSEAAAAANDPTPzAECg0QNiEAAAAANDPTPzAECg0QNyEAAAAANDPTPzAECg0QOCEAAAAAAADwPzAECg0QOSEAAADNzOR-QDAECg0QOiEAAADNzCR_QDAECg0QOyEAAICZmWWCQDAECg0QPCEAAICZmWWCQDAECg0QPSEAAIBmZmqCQDAECg0QPiEAAAAAAIiCQDAECg0QPyEAAAAAAIiCQDAECg0QQCEAAEAzM_-CQDAEEhpDS0M1MHNYSDZ2Y0NGWWlHX1FjZE1oNFBxQSIXc2NyZWFtL3Rocm9uZV9pbWFnZV9vY2goEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc31345c98083c03a221f59decf0a196.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:52:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 146 KB
52 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/reactive_library_fy2019.js?bust=31067624

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c2649a774d659f3b49ed7874ba32cc08ef3135ed6e7b08a61778e6e1338024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52973
x-xss-protection: 0
server: cafe
etag: 12369559649328763399
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2475 6 KB
670 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778776&bpp=4&bdt=222&idt=68&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=2130442373255&frm=20&pv=2&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUt9Ywqcxk&p=https%3A//www.inswaves.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 02:15:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:52:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 2475 2 KB
904 B 26ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:24:15 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 2475 21 KB
8 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:43:23 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 2475 3 KB
1 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:41:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 2475 16 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:28:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2475 135 KB
41 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 2475 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2475 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0oJpCrGFYpHXNv-D7_UP_PC1yA_VyKyKao27js38D7_ZhLCPDhABIJSupXNglbqAgpgHoAHe0Pu6AcgBCagDAcgDywSqBLsCT9DW7_Pn9IUqWy4_OxSv30zmiKgO2sXA491Jz1b4kG2SEHv1UuJaTN_FEjTHT48Sy1jAiWV4AWuj0EiVq_FWH6CWB1MUxc_eJw3AOox687D5jz9AjmE0MkVe7vPeBqRureI84VMMZJxKwcENRiUMjGrZedPctqFz4Q11qyMQ4T0VYGYEO0DaLYIn-q50EtERumcT-fba3JNw0CRrwsOhBDCFI1RbxRMxifVRFIU7szbWOjg-7WpJI0jK0i1W_oDu70s_8iqD2uocM4ty6-jDSkMTiqKbTQuWGa8ADvWz_ke1PTlZXO-M96bHYjuS_gkV_j8hKou7eSF44PoM8CSeqGMm0mtXJEGs63kyEHc0F-myTS1FpONxMkaYHn7y-TWDpXWTO9gLy1i-FDCQmmO2C4TgxWTIBJiza7ZbwAT0wbi-kASSBQQIBBgBkgUECAUYBKAGLoAHiq-ExQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD9kxvSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=uTfoTieRjL0&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=5449536564&adk=3891030896&adf=2227106891&pi=t.ma~as.5449536564&w=400&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=400x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778776&bpp=4&bdt=222&idt=68&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&correlator=2130442373255&frm=20&pv=2&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=367&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUt9Ywqcxk&p=https%3A//www.inswaves.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.inswaves.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/ Frame 3A45 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 20:59:00 GMT
etag: 1428802124239944296
expires: Wed, 01 Jun 2022 20:59:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/999047693126337660/ Frame 2475 12 KB
12 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/999047693126337660/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fde841e90e7ddfc3912e114e9aae1bee2b60dc0d20a6f73939522c662c574e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 15:40:48 GMT
x-content-type-options: nosniff
age: 213131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11869
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 02:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 15:40:48 GMT

GET
DATA 200
OK truncated
/ Frame 2475 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 1B7B 6 KB
670 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778780&bpp=1&bdt=226&idt=94&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K85mr7qI50&p=https%3A//www.inswaves.com&dtd=98

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 01:51:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:52:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1B7B 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:24:15 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 1B7B 21 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:43:23 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1B7B 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:41:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B7B 135 KB
41 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 1B7B 16 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:28:03 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 1B7B 30 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H/1.1 200
OK ai.aspx Show response
at.bahn.de/ Frame 3A45 43 B
1 KB 75ms
24ms Fetch
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=17238930155&cb=635354146

Requested by

Host: paid.outbrain.com
URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7ZhDcEujp10CAvA3Ar2bwiQO3XuM3m0had1pt73hG73kg4UVhPJ5qSEvy8wirPYqHGAP-hIYHPMQaI_Qf6b7EVbZ_az-2aVO3oo1jIM-5alIvd1Cn0OBjayz4WZK8wk2jSXxP8rIGLLsLM8UrXsX8ERz7L5sNJk-c8Z9mAWZa1Y40ATqYrafnkBwh6F6uSEa96UsNPQPFgeH_NcHcgWJFPtN&c=4a308e1f&v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 19 Mai 2022 02:52:59 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 19 May 2022 02:52:59 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A45 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckm5ICrGFYsXNN7HH7_UPxd6DwAacuOqJaqOln8-ZEL_hHhABIJSupXNglbqAgpgHoAHgs_yiA8gBA6kCHjIRm_6OsT6oAwHIA8kEqgTEAk_QCRqa3Btc9cY2RpHYqNbJutHvKudG1d9UQ-hh1cPTASHbhh2tZCDLMlYJ1EPulZJS3E6F8LT90mwKXtKYER0ND-A8Se6Mvj_4ybs9xwFJm4PpAoeSvT2z3RRvPxQRdg-pGA8arOPEtKsoLcwAbgCTP7L09UB8XnSkn3Fvrfqp_SDoptdmR5JuXG42u2hnTdRmbzHI-NG9MUttUKOmg5V8Bi_OyS1ODDraIk_fz8qAKvcsMVDfgllTlAkcgFw-avwA6eLmkwWnNJ9sQvYAq4DdS100FAlu8x5RX73xS27yRBgwN2dWnVeuXxrlrHFS5Jkm6-9c_XcKj3jv6--URVPEJp6n-RbmFW3s6TCGYqRSVTniU7Bu4aWbGpsnvwxb84ZcFLKrODgQ4ut4_LFzy8YeEMN4oXt2X7T5RQs9IjYnVUo7v8AEjMSLloMEoAYDgAeIzINdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6Y0l0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTM1NTc1NDMzOTYyNzkyODAYAA&sigh=WXwD3B5Cq7A&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 3A45 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:43:23 GMT

GET
H3 200 14467517511950561487
tpc.googlesyndication.com/simgad/ Frame 3A45 41 KB
41 KB 12ms
10ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14467517511950561487

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a71bcd7ef9c243626a47c607e6e91cf44d57bf2a05e6abecc376d84800132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 07:04:47 GMT
x-content-type-options: nosniff
age: 244092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41723
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:44:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 07:04:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 3A45 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:41:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A45 135 KB
41 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 3A45 16 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:28:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 3A45 31 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e1c110d4d6714cab5b99927665b47805ff459aa2f91fd7987a5440065e96ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12930
x-xss-protection: 0
server: cafe
etag: 3626088352222147917
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 18:24:51 GMT

GET
DATA 200
OK truncated
/ Frame 2475 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977bd7ccb1707b1bb7704e2ab2c7650d7b72ed4da49f4583c18b0339bdc0855c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B7B 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZw8rCrGFYrLYNpWk9u8PyqC9kAjVyKyKasW5js38D7_ZhLCPDhABIJSupXNglbqAgpgHoAHe0Pu6AcgBCagDAcgDywSqBL4CT9DwVHukvjfjuZawS8XZWYWzZL3Wgy8GyIC24qH0CfzzbhNRpiNsGTmYS2z3nImS8ANjILFfpFuanx3pYwyv9SEQhvxccq6dHkfCPPNfogvKNtSxsS8XkKYad99ecu3pNbL2c0ca8TE2OCAf544j7uhp0ZV1TN05LsIrXON_WKDzXRyaMU5NeOUmWdXytdS5Jk4O66g1NPfR4U9Y8o_iXbyso2i6HZkEevfaFAVZ-XBADFxgy1bBN0CHiIu6LcCckMr7c30zYLHiW5RSxzoUwPBZL1LVUSqWrc_Q83_BrsHigBg9GfvcC92YDqIxGTa2uKqqn6_gOFBneXzUzcXY929Zj0zC6sk7s4-6kZ0aZHd8uXjqyHl2qtCCeksfnPCXO2q2j8Uq-6cgRYPIGEmRG6F7j5WE5yZ5QCSxB3JawAT0wbi-kASSBQQIBBgBkgUECAUYBKAGLoAHiq-ExQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDM4BHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=ZVrTPXAxkhE&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3557543396279280&output=html&h=280&slotname=2511865775&adk=1836215406&adf=2908574772&pi=t.ma~as.2511865775&w=349&fwrn=4&fwrnh=100&lmt=1652892084&rafmt=3&psa=0&format=349x280&url=https%3A%2F%2Fwww.inswaves.com%2F2021%2F06%2F11%2F50-celebs-with-their-parents-and-grandparents-who-inherited-more-than-good-looks-5%2F%3Futm_medium%3DCNN%26utm_source%3D0014dace722b21ef3ebec62fc10f878c42%26utm_content%3D004196b5c6527f94cc339ffde17a58f866%26utm_campaign%3Dob4-0209%26utm_term%3DCNN%2BEdition%2B%2528Turner%2BInternational%2529%26dicbo%3Dv1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe%26obOrigUrl%3Dtrue&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652928778780&bpp=1&bdt=226&idt=94&shv=r20220516&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=400x280&correlator=2130442373255&frm=20&pv=1&ga_vid=1947498308.1652928779&ga_sid=1652928779&ga_hid=1354839657&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=938&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31067624%2C31067525&oid=2&pvsid=222089192554987&pem=154&tmod=2011191809&uas=0&nvt=1&ref=http%3A%2F%2Fpaid.outbrain.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K85mr7qI50&p=https%3A//www.inswaves.com&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2475 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 224619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2475 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 209594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:39:45 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14562992415248737034/ Frame 1B7B 10 KB
10 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14562992415248737034/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a14ac6832c24fe58b0fff4ac1558a24c86ce172143dfadbe69f7b0c5b30dcee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:34:20 GMT
x-content-type-options: nosniff
age: 65919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10520
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 02:00:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 May 2023 08:34:20 GMT

GET
DATA 200
OK truncated
/ Frame 1B7B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 52C0 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame E8E8 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
DATA 200
OK truncated
/ Frame 1B7B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00225bf1d30672aa0c502444a955a496090f40e47eca87917b3b76ca2134405d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B7B 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 224619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B7B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 209594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:39:45 GMT

GET
DATA 200
OK truncated
/ Frame 3A45 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7fbe0455ea98d61d6e992c80cf4d375c9bd71869452a05137730c3a71ad9154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 39ms
22ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220516&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

210e313233821a939c0dadd758f343788e2eb5142033ce5194cd2f5ee37dc03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10560
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 52C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:52:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame B7B3 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame EEF5 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:52:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7ABF 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 17:13:58 GMT
expires: Thu, 18 May 2023 17:13:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F7FC 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2fe364835c527340cedf6d1ababdd6fac2b6437e707a79cf33b65c7e905d124

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ytu2BZFTzzf8rZ-nwc0Ezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.inswaves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Ytu2BZFTzzf8rZ-nwc0Ezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:52:59 GMT
expires: Thu, 19 May 2022 02:52:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ABF 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F7FC 0
0 19ms
19ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220516&jk=222089192554987&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7ABF 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?shxtsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:53:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A56 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLthaqnMgcQ69TxJksuFcBiXk1f30fF_uU77QYqe9StT5FZpHyr6KYRIAAaM0CAV8xGOeyeBGdH6vXeQ5cSDoaNW4_ChVCqCRm_b3ic6BGoNgunEm0x6-dKBBY&sai=AMfl-YRhBHAWYVzIY5IxrG7zmDoyJ9j939eVskM83Vg2eQcpbr9ElTmt8L0q3IkYEG2k5BExIt1v0UdNlLIg&sig=Cg0ArKJSzLTQPSSsCsriEAE&id=lidar2&mcvt=1000&p=0,0,280,349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1710634035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652928778885&rpt=605&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:53:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 27ms
26ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220516&jk=222089192554987&bg=!enmleT3NAAZL3OSAa9w7ACkAdvg8WiQFtIzeyx2GCf1yXoWUahylFcvoGo7rOLg6nDPPgVMfzyzSUwIAAACWUgAAAAZoAQcKAE6kaSWJAumnCSRFYPgUYo6pKB329jlNJJFyVsr8bJ9Nmmr1RCA8AC1bWpkJ8NWvDOydAXQC9LXqTms5IKOOgEzhBdp0jb-NYHqeYNhjntuZApuJ68QxVs_2k1vdulA8DV6LC0NfEtdR4ol3_3BdtsmJhcVLpLvJmlmkwhqfAfxTIHC57cEkwn67r_VUN5o6s13xvwLmi2IYHUKsMBX6YGV9GpoZJC-B6Kh7Cld-ETzkPdDaKS2vKePYhdGFMqewMytptwhxdRoJPAGkZHggcXCQNclgHOi1mwr-9-ndPlevWgCAh3-aUbgmrI4QKq89ibepyMxigX_WYVRLo-ff2x6ZobZi9keFADbOsEUBSTxUvDUpTd3WWuGdIdG4V9LRFXcb1BNcjVPhuZVnQP_WrhCmbQaXUmXn5E0mh_3kJ97h86CsAmLbfVb9sKBMPiP72DuqpkO5h5t9rIQmxaeOgr2n3jjyfT8uiqkmyEs0tY3-oTdC8cC0gT7yf07KoUrkQq7Bp-FEjOzcrVY9nzPj6To89SwoXlKyn38Rj30d3nOSZzJMcyLgmLUhObAaiGuc3Bb0_MQSyC5Wi1lJsnG9iUU17En6wTD233p2MwtIokGmYWRWp48lQlHuTS6G0w0ltpuCr8MaSwxygXcYIEHFeZ8ZIS-_ArRc5cn7Lu51FyCR0xJd6kKWGK_8J6ADsmud521ze9ugS-M4Z3d4_m5qIjZILnFsK0160i9k7TlRRx0gy99OO6HsFKfbYP8ZJh4gwQQsMjo9collNdPI2b_O9MOiFebiJkniqB62ecJ-rjHZN1BEf6bQCQOlvcIPYxb31NBJOG7LT4o3hxQzH-h8lqISRdOBh8HVe4tn2kgvl04an8cGW5OA32g2nzn4Ph4FsdVHix3BD9achSW-KoBRxIHaRDNF4bqe0-E0-r8suMhdk7Ju-i_WkerxOBXW7lDhJBXsRJqeIMCleTZJQ1FaBm9MgJckljzG2uqQtlMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.inswaves.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B7B 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRcNQx63wHmhQWfcmOnq6tOw9lLC2QDiULa3jWXwrBnozzHo49W3sQilMXJvi1N1mjY1qaLjG4AtREPg5AQ9piSTBVhY5SgjAEttwLQ1YY0gK-b3M2sO1mL9H-&sai=AMfl-YTbW3ub1aIrD8YHkCEdCxNTSGwdPhb_w-rbkrztyPRNVkFssSbvOT9XBJVc3igj9cx16FAfb2rDjMA5&sig=Cg0ArKJSzKN-5QFZ5N-uEAE&id=lidar2&mcvt=1000&p=0,0,280,349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1836215406&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652928778879&rpt=931&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:53:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A45 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpdmbCrGFYsXNN7HH7_UPxd6DwAacuOqJaqOln8-ZEL_hHhABIJSupXNglbqAgpgHoAHgs_yiA8gBA6kCHjIRm_6OsT6oAwGqBMQCT9AJGprcG1z1xjZGkdio1sm60e8q50bV31RD6GHVw9MBIduGHa1kIMsyVgnUQ-6VklLcToXwtP3SbApe0pgRHQ0P4DxJ7oy-P_jJuz3HAUmbg-kCh5K9PbPdFG8_FBF2D6kYDxqs48S0qygtzABuAJM_svT1QHxedKSfcW-t-qn9IOim12ZHkm5cbja7aGdN1GZvMcj40b0xS21Qo6aDlXwGL87JLU4MOtoiT9_PyoAq9ywxUN-CWVOUCRyAXD5q_ADp4uaTBac0n2xC9gCrgN1LXTQUCW7zHlFfvfFLbvJEGDA3Z1adV65fGuWscVLkmSbr71z9dwqPeO_r75RFU8Qmnqf5FuYVbezpMIZipFJVOeJTsG7hpZsamye_DFvzhlwUsqs4OBDi63j8sXPLxh4Qw3ihe3ZftPlFCz0iNidVSju_wASMxIuWgwSgBgOAB4jMg12oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDpjSXSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMzU1NzU0MzM5NjI3OTI4MBgA&sigh=VQTukCZg-5M&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220516/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 May 2022 02:53:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A45 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswVxJRgETtX2wkQFSqIf2S8J6XWD5gIKdrnuAsYyGs3gmRXgxMdR2y7kHoniSwWXZbDoJ8_2zAURtzZ8sa_ICbz-FQzN-zWYWYKGwddsROTzEth8phwm5IL7sO&sai=AMfl-YT_cP6wKMW2oXyn3I39CJgSWW0e3bMLiUxqLkv8s9GtpnU15aQ8nQ4qAfAzH82BChsU3tPgV1kUo1iW&sig=Cg0ArKJSzE9gms59vE7rEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=88,767,1000,1092,1276&tos=88,679,233,92,184&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1652928779617&rpt=118&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:53:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.inswaves.com/	1970-01-20 03:10:15	Name: outbrain_click_id Value: v1-da3d98472515c446d37160815f78dde8-000cbe35a041ef2ade773971c34e4468aa-gvqwgnzrha4dsljsgfrdgljug4ztsljzmqywkljwg4ydczjugftdantdhe
.inswaves.com/	1970-01-20 20:40:00	Name: _ga Value: GA1.2.1947498308.1652928779
.inswaves.com/	1970-01-20 03:10:15	Name: _gid Value: GA1.2.182788337.1652928779
.inswaves.com/	1970-01-20 03:08:48	Name: _gat_gtag_UA_146914112_38 Value: 1
.inswaves.com/	1970-01-20 12:30:24	Name: __gads Value: ID=15759baa5dc43005-22fbfc0598cd0078:T=1652928778:RT=1652928778:S=ALNI_MZX3k-hliCBB-8wsNwOZ0IW1pMKnQ
.doubleclick.net/	1970-01-20 12:30:24	Name: IDE Value: AHWqTUmfNkczJ66ycwepsqj5ns8p_7R7R6wvkE7kSp1wOnnioDhK43hDUN2-XXCUdtI
at.bahn.de/	1970-01-20 05:18:24	Name: exactag_new_gk Value: 95a60ebbb35d4962b140e8f76c3acd7d%7c18.07.2022+02%3a52%3a56
at.bahn.de/	1970-01-20 07:28:00	Name: exactag_new_uk Value: 00e140a4f94b41399a7caf2de4196426%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: abe315b3892247989737300e
.doubleclick.net/	1970-01-20 03:08:52	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
at.bahn.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
paid.outbrain.com
partner.googleadservices.com
secure.gravatar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instarwaves.com
www.inswaves.com
142.250.186.162
151.101.14.132
23.35.237.86
2606:4700:4400::6812:211b
2606:4700:4400::6812:21e4
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c09::9a
2a00:1450:400f:803::2008
2a04:fa87:fffe::c000:4902
70.42.32.255
85.14.248.91
00225bf1d30672aa0c502444a955a496090f40e47eca87917b3b76ca2134405d
0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671
096920fd8494d1f3caea60592f0e869bfdb43d2f169498ddb7810840d4470af3
0cebb32a9a27380659d173bcdd9dde01ade8f12557f4f1fcfbf203ad7e5af1f8
125a8dc10ab58283f31910ebd4ab77b0d95b2e4ea865a72161c06bc3176eb654
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
1476fdde38cabe2797f12e10bc6312b2bd632d25e831a3cdee5dd6375cf2501d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a6e866c779a788ffc3b4b174a12a4f794a2d0a92500ff3f3ae170944b1407a
210e313233821a939c0dadd758f343788e2eb5142033ce5194cd2f5ee37dc03c
2e24a41622f839d43be586061da2971abaecfee51e324dc16573363dce6ab1ef
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34bba77e1f0cc2be52e313449a88c2b7060c367c2722cb4cd946f055e63f5fa3
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3a14ac6832c24fe58b0fff4ac1558a24c86ce172143dfadbe69f7b0c5b30dcee
3bae025420236d897fe7f7fc530c823b78d914a2e9cc2b081840e8e858ce831a
3e8a2a133639aa2fb3ad62e225ff028cbce4e3ac95a5a7f81f57691731a0cc47
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4b16f328161f671c5374c717a038def5bba21a4f37cdfb3509cda60ec262cf5f
4da3fa534ba0f21b5c8040bcd1b691e3dc74d45f5ea2d27e9e973b853a02a08e
4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc
512abfd0af424c443f98064c7a76cb739464f558adccb169f45ac436b13c1e08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
634c8862d56c627725eaf5e495d2d3e8462d93f35276c31419e5eb9eb4451e3e
6f17d5ae102c682c56947b621e74afb53fd45cb33b1f665641f548223463fb86
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
788aec3ea0a3375c138dcfca759ad0b942d00e5c985f3a274446cc8d16841c98
78e588f105bc7faee5a66d832dc84e077039e9d38d3429e2b495e5370d6a5924
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
977bd7ccb1707b1bb7704e2ab2c7650d7b72ed4da49f4583c18b0339bdc0855c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b06a71bcd7ef9c243626a47c607e6e91cf44d57bf2a05e6abecc376d84800132
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
c2fe364835c527340cedf6d1ababdd6fac2b6437e707a79cf33b65c7e905d124
d1c2649a774d659f3b49ed7874ba32cc08ef3135ed6e7b08a61778e6e1338024
d7eec556c74dcaa309bb1a3a3e89a6da161c6760eff98fcc90984ba16a6b4900
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e515f6f2726989b202e23d32ec8aa751bf62f4c9595c676fc57f6a68ed34ea4d
e7fbe0455ea98d61d6e992c80cf4d375c9bd71869452a05137730c3a71ad9154
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f2ed87890b18543be60acf3c2a569f1eeee711f0b2a64b63cffa5bdcd46b582b
f34383f0293f28938c6b08943c19efb698457b0564e92ef2e19ee96dc6b691ea
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9e1c110d4d6714cab5b99927665b47805ff459aa2f91fd7987a5440065e96ff
fde841e90e7ddfc3912e114e9aae1bee2b60dc0d20a6f73939522c662c574e7f

www.inswaves.com Open in urlscan Pro 2606:4700:4400::6812:211b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

99 %HTTPS

76 %IPv6

15 Domains

23 Subdomains

21 IPs

4 Countries

1271 kBTransfer

3157 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.inswaves.com Open in urlscan Pro
2606:4700:4400::6812:211b Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

99 %
HTTPS

76 %
IPv6

15
Domains

23
Subdomains

21
IPs

4
Countries

1271 kB
Transfer

3157 kB
Size

10
Cookies

103 HTTP transactions
7 data transactions