urlscan.io logo urlscan.io
SecurityTrails logo

bwrrtosd.info Open in urlscan Pro
161.35.214.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://bwrrtosd.info/
Submission: On April 06 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 11 domains to perform 53 HTTP transactions. The main IP is 161.35.214.202, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is bwrrtosd.info.
TLS certificate: Issued by R3 on April 3rd 2024. Valid for: 3 months.
This is the only time bwrrtosd.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 161.35.214.202 14061 (DIGITALOC...)
8 65.9.95.58 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.50 16509 (AMAZON-02)
3 65.9.98.75 16509 (AMAZON-02)
3 2600:9000:212... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 65.9.95.68 16509 (AMAZON-02)
1 65.9.95.30 16509 (AMAZON-02)
2 65.9.95.111 16509 (AMAZON-02)
1 65.9.9.197 16509 (AMAZON-02)
1 65.9.95.16 16509 (AMAZON-02)
53 22
14    161.35.214.202 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
bwrrtosd.info
8    65.9.95.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-58.prg50.r.cloudfront.net
ads.adthrive.com
launchpad.privacymanager.io
3    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6816:2e76 (United States)

ASN13335 (CLOUDFLARENET, US)
app.slickstream.com
2    2606:4700:10::ac43:1e71 (United States)

ASN13335 (CLOUDFLARENET, US)
c13f.app.slickstream.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    65.9.95.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-50.prg50.r.cloudfront.net
ads.adthrive.com
3    65.9.98.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-98-75.prg50.r.cloudfront.net
c.amazon-adsystem.com
3    2600:9000:2127:b200:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2127:5a00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:2127:a000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    65.9.95.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-68.prg50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    65.9.95.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-30.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net
geo.privacymanager.io
1    65.9.9.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-9-197.prg50.r.cloudfront.net
aax.amazon-adsystem.com
1    65.9.95.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-16.prg50.r.cloudfront.net
cmp-consent-tool.privacymanager.io
Apex Domain
Subdomains		 Transfer
14 bwrrtosd.info
bwrrtosd.info
1 MB
9 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 31390
gdpr.privacymanager.io — Cisco Umbrella Rank: 40433
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2864
geo.privacymanager.io — Cisco Umbrella Rank: 1937
launchpad.privacymanager.io — Cisco Umbrella Rank: 2374
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 61363
503 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5880
390 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 303
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 629
aax.amazon-adsystem.com — Cisco Umbrella Rank: 409
79 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
167 KB
4 slickstream.com
app.slickstream.com — Cisco Umbrella Rank: 11590
c13f.app.slickstream.com — Cisco Umbrella Rank: 64225
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2709
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
259 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1599
133 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2852
pixel.wp.com — Cisco Umbrella Rank: 2813
3 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2968
19 KB
53 11
Domain Requested by
14 bwrrtosd.info bwrrtosd.info
8 ads.adthrive.com bwrrtosd.info
ads.adthrive.com
3 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
3 www.googletagmanager.com bwrrtosd.info
www.googletagmanager.com
2 geo.privacymanager.io gdpr.privacymanager.io
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 c13f.app.slickstream.com bwrrtosd.info
2 app.slickstream.com 2 redirects
1 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 cdn.jwplayer.com ads.adthrive.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com bwrrtosd.info
1 stats.wp.com bwrrtosd.info
53 22

This site contains no links.

Subject Issuer Validity Valid
bwrrtosd.info
R3		 2024-04-03 -
2024-07-02		 3 months crt.sh
*.adthrive.com
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-03-16 -
2024-06-14		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh

This page contains 3 frames:

Primary Page: https://bwrrtosd.info/
Frame ID: 137AC4FD83DCCEFA137CA13833C9F152
Requests: 53 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/8655c3f/html/i.html
Frame ID: FD3FC517C7E5CD9848A583F28937D16E
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: E38FE42C537FD640797326CCC3FCA7A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Easy and Delicious Desserts & Air Fryer Recipes - Also The Crumbs Please

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

53
Requests

96 %
HTTPS

45 %
IPv6

11
Domains

22
Subdomains

22
IPs

3
Countries

3034 kB
Transfer

6465 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F HTTP 302
  • https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
Request Chain 37
  • https://app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F HTTP 302
  • https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bwrrtosd.info/ 		502 KB
502 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
be547c9eb5b3ae46ffdf76d3b2de284c796a3ccd20f61833896373b0b942fd8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
513606
content-type
text/html; charset=UTF-8
date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:15 GMT
server
nginx/1.15.6
ads.min.js
ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ads.min.js?referrer=https%3A%2F%2Fbwrrtosd.info%2F&cb=41
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1e1c09606161fbec43641db80ce51a9ea5683391ce4bd0b3ca88884b87a9ed75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

adthrive-bucket
flex-08
date
Sat, 06 Apr 2024 05:09:05 GMT
content-encoding
br
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
adthrive-deployment
2024-04-05-5:adv-178:pr4445:8655c3f
x-amz-cf-pop
PRG50-C1
adthrive-commit
8655c3f
x-cache
Miss from cloudfront
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
ZRVLJ7X8gXDTMNnFrskcdLnHZnJVtTTzz8kziSpHUqSdZx6GrB9qCQ==
expires
0
js
www.googletagmanager.com/gtag/ 		185 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-88114325-1
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e91d4a20f666d5a4e4202a792e3f29ac01118f187d9893af7e0597b1377375dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69080
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 05:09:05 GMT
js
www.googletagmanager.com/gtag/ 		281 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WX9SVL6ZGE
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0b62089c26bc4ac6646fc7096b19e7917852f66722166a136ce7f3014b1bba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97552
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 05:09:05 GMT
cropped-Header-image.png
bwrrtosd.info/wp-content/uploads/2018/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2018/12/cropped-Header-image.png
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
e8c8401220a414dcb94ba1712ea74b475b60ddd3038b9abdb86a1c3ced9b1e4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:19 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
5725
content-type
image/png
also-the-crumbs-please-logo_v.png
bwrrtosd.info/wp-content/uploads/2023/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2023/04/also-the-crumbs-please-logo_v.png
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
7d5f584e227377d23f2be314bfbff89f0606e2e9570ed103648b94d38824f220

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:19 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
2039
content-type
image/png
Chocolate-Easter-Eggs-Cake-with-Chocolate-Marshmallow-Frosting-3-1.jpg
bwrrtosd.info/wp-content/uploads/2022/02/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2022/02/Chocolate-Easter-Eggs-Cake-with-Chocolate-Marshmallow-Frosting-3-1.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
8939bc68d09b0463e4b2533aac8d872625b1c4580a122d4c604393ebb47088e1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:19 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
72131
content-type
image/jpeg
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e72874edbc16d3546a3ab2aef473e9e0952a37897de1481db248342c628759a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
page-boot-data
c13f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
  • https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
40 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Server
2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bwrrtosd.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c13-app-5d44dc4967-tmrtm
cf-ray
86ff43887c081bcf-FRA

Redirect headers

date
Sat, 06 Apr 2024 05:09:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-powered-by
Express
content-length
120
cdn-cache-control
public, max-age=3600
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-697846cc8f-4rqnq
x-slickstream-consent
ask
cf-ray
86ff4385bb298f3e-FRA
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2d7be01ec2d1b823ee1f6d55dd17467667efb69dfad7d10bddc6ea054d731e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9bacc445ab897c1acf21abe9e3dbf6e87accae8818269dba0b67ac05cde5979

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f317f5740558b6ef74dc20e9816a50c33238659f4c0d3c7a2e47d4b1280a0dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
public-modern.js
bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/wp-recipe-maker/dist/ 		119 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/wp-recipe-maker/dist/public-modern.js?ver=1711385077
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
1deed0ae4f590e6dc7f8ea21750c0caa4f548bedf5855c8cb2336b5e5945f664

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:16 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
122004
content-type
application/javascript
front-end-pro.js
bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/social-pug/assets/dist/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/social-pug/assets/dist/front-end-pro.js?ver=1711385077
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
04a74005d21b5102650913c704a642d03754e025ba52ce9c55e2f70800cc6790

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:16 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
30342
content-type
application/javascript
public-elite.js
bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/wp-recipe-maker-premium/dist/ 		154 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/wp-content/cache/min/1/wp-content/plugins/wp-recipe-maker-premium/dist/public-elite.js?ver=1711385077
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
dcd2fa8d63c912161b628be0d784dfb9ce1f913e67e379615c6bf3471c506d61

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:16 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
157379
content-type
application/javascript
lazyload.min.js
bwrrtosd.info/wp-content/plugins/perfmatters/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/wp-content/plugins/perfmatters/js/lazyload.min.js?ver=2.2.6
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:53:16 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
9355
content-type
application/javascript
e-202414.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202414.js
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sat, 06 Apr 2024 05:09:05 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356443.5398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 30 Mar 2025 18:29:38 GMT
abd.js
ads.adthrive.com/abd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 05:09:06 GMT
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
akZ8FXW_sk2-kTkENZ50WSE6pSIp77FxmvsKkHTQM9TEx6d6f8MgbA==
Peanut-Butter-Brownies-13.jpg
bwrrtosd.info/wp-content/uploads/2021/11/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2021/11/Peanut-Butter-Brownies-13.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ca587028a002c1c797a5caa6dfb61f0ce60f1389f8683f4f1ee5902f8c7743b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:19 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
72868
content-type
image/jpeg
Air-Fryer-Apple-Pies-17-500x500.jpg
bwrrtosd.info/wp-content/uploads/2021/09/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2021/09/Air-Fryer-Apple-Pies-17-500x500.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
bfc255f6a0143cd9dd1762dd6a4c4a9bd202f30b967e609dd2e31ad7c4436d0d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:20 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
128654
content-type
image/jpeg
No-bake-Blueberry-Cheesecake-15-500x500.jpg
bwrrtosd.info/wp-content/uploads/2021/03/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2021/03/No-bake-Blueberry-Cheesecake-15-500x500.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
97977fb76379eae6534f1d689c691c6927846f60fa8691b20e03f51e3280a571

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:20 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
89174
content-type
image/jpeg
Brownie-Cookies-10-500x500.jpg
bwrrtosd.info/wp-content/uploads/2021/03/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2021/03/Brownie-Cookies-10-500x500.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
9a96a92875bd2ff5134bb528b733400e788290335dc87a791b34718a2d992796

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:20 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
167451
content-type
image/jpeg
Apple-Crumble-Pie-15-500x500.jpg
bwrrtosd.info/wp-content/uploads/2020/11/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bwrrtosd.info/wp-content/uploads/2020/11/Apple-Crumble-Pie-15-500x500.jpg
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
6c2271f31c76c59ef9fdec94621ecc1b16eadcc30a5a89fb387c4e57ffc0a9bb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
last-modified
Wed, 03 Apr 2024 15:55:20 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
119752
content-type
image/jpeg
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=133359788&post=11132&tz=-4&srv=www.alsothecrumbsplease.com&j=1%3A13.2.2&host=bwrrtosd.info&ref=&fcp=294&rand=0.06613185868460958
Requested by
Host: bwrrtosd.info
URL: https://bwrrtosd.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 06 Apr 2024 05:09:05 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88114325-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 03:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4857
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Apr 2024 05:48:08 GMT
js
www.googletagmanager.com/gtag/ 		281 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WX9SVL6ZGE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88114325-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18d9bd3271e66c5e2ae67b85f3f637df9d9ab82bb92030bcdc6828e2698acada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97518
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 05:09:05 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WX9SVL6ZGE&gtm=45je4430v869752605za200&_p=1712380145432&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1785275658.1712380146&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712380145&sct=1&seg=0&dl=https%3A%2F%2Fbwrrtosd.info%2F&dt=Easy%20and%20Delicious%20Desserts%20%26%20Air%20Fryer%20Recipes%20-%20Also%20The%20Crumbs%20Please&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=563
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WX9SVL6ZGE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 05:09:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bwrrtosd.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1458721854&t=pageview&_s=1&dl=https%3A%2F%2Fbwrrtosd.info%2F&ul=en-us&de=UTF-8&dt=Easy%20and%20Delicious%20Desserts%20%26%20Air%20Fryer%20Recipes%20-%20Also%20The%20Crumbs%20Please&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=1850970621&gjid=426830403&cid=1785275658.1712380146&tid=UA-88114325-1&_gid=1279620297.1712380146&_r=1&gtm=457e4430za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=634462946
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 05:09:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bwrrtosd.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-88114325-1&cid=1785275658.1712380146&jid=1850970621&gjid=426830403&_gid=1279620297.1712380146&npa=1&_u=YADAAUAAAAAAACAAI~&z=1019015063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Apr 2024 05:09:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bwrrtosd.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
marmalade
ads.adthrive.com/api/v1/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5f4d18cf3b647d61ef51e6fa&url=https%3A%2F%2Fbwrrtosd.info%2F&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ads.min.js?referrer=https%3A%2F%2Fbwrrtosd.info%2F&cb=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
/
Resource Hash
0a978b7a3adf9b6249dfa684c663667fef1a656ac9eadcb2dd8ff820d1432814

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amzn-trace-id
Root=1-6610d8f2-1a535432583c371f39018e75;Parent=043bad9b9f97df3a;Sampled=0;lineage=e948d84a:0
x-amzn-requestid
bcc46cb9-cf44-4639-b82d-2f6c0b1e5cb1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
x-amz-apigw-id
VybV3Gg0IAMEM2w=
x-amz-cf-id
TuUyfzXgHmAiSVs3Cp6oLKGIkmTO70-2PR5PPdoXPM2GGqpEbJWL6A==
5f4d18cf3b647d61ef51e6fa
ads.adthrive.com/api/v2/raptiveFloors/ 		21 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/5f4d18cf3b647d61ef51e6fa
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ads.min.js?referrer=https%3A%2F%2Fbwrrtosd.info%2F&cb=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
/
Resource Hash
58cd92215658bd2c3a7d72562caf3d7d1bd1aa83056f71be5ca1c9322366eff4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amzn-trace-id
Root=1-6610d8f2-42dbb2672ce8e2563bbc48e8;Parent=5d800e5a3c1dc569;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
33a7cc70-db4d-434d-9c23-43d58415c790
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
VybV5F7-IAMEu3g=
x-amz-cf-id
yeMEie0oOWm80EvU0ZNnRtet_-CBtpxRnsHVrhFAgN0TPSwoLTy3Sg==
adthrive.min.js
ads.adthrive.com/builds/core/8655c3f/es2018/js/ 		816 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ads.min.js?referrer=https%3A%2F%2Fbwrrtosd.info%2F&cb=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
57f5e724c15edab923ed9693c12bc42905180b179d15334a60a7f81293ab053d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:03:06 GMT
content-encoding
br
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
18360
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
528pJtt9s-3OGmbpCVpT2RVCZMsfP3urpoHTBTm5wOGF8L6FqeVlcQ==
favicon.ico
bwrrtosd.info/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bwrrtosd.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.214.202 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
32da65af389c7f0cc95ae5f8ee86d41582af3d501a40525dc286117283283cd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
last-modified
Wed, 03 Apr 2024 15:53:20 GMT
server
nginx/1.15.6
accept-ranges
bytes
content-length
1788
content-type
image/jpeg
i.html
ads.adthrive.com/builds/core/8655c3f/html/ Frame FD3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8655c3f/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-50.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://bwrrtosd.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
513
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 06 Apr 2024 05:01:52 GMT
etag
W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified
Fri, 05 Apr 2024 14:26:36 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-id
9BjQJNcWKQReD-Pdyri8Oqc_0tRD0X-3vFfmDqEqbCwVfnNEcHtlHg==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
PcQyxujnwKiA30Ace_sK25amberWKX1u
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/8655c3f/gdpr/vendor/prebid/es2018/ 		657 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8655c3f/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
537bc062e0bdcaefd5ab7916e53a59bb58f00e826665377cb9dce2aae1acefcd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iTDUkqR0XnWmsMhrM8Cx9j_HvtoOsunl
content-encoding
br
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 05:01:56 GMT
last-modified
Fri, 05 Apr 2024 14:26:46 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
511
x-amz-server-side-encryption
AES256
etag
W/"a64977a98c38bf0b6317eb332e355bcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
ajhz7MtGRtGvLngPsDSLebhzN-ArMRRohZ0gYIYDFTgVlIYB5LOXzg==
apstag.js
c.amazon-adsystem.com/aax2/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-98-75.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 04:58:39 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 15:38:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
628
x-amz-server-side-encryption
AES256
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
bu5p6utpLePpOCyCI5TrK7LO2qmTU0Cf1dNW6kBndalgMeHwxICruA==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ 		478 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
086bf7c3e30196f305c87baf9f9d0e1f7e61268bf8d741ec1cad31cad97b13e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
h7raAlomITfo0tVY68kSPMO3wLCpEzcw
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 00:54:22 GMT
x-amz-cf-pop
PRG50-C1
age
15306
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Wed, 22 Nov 2023 06:43:46 GMT
server
AmazonS3
etag
W/"6194cda277579bac72f5f53cd116668e"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
ZW5w_944A0zI1nFg9oNVuWf2J6d9TG8UjFE3NjUQbpllROgMoOwm4Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b96e92a938ffcde947abedf14b10cb8d79e91cfa29968de8f6ed987d79255385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29195
x-xss-protection
0
server
cafe
etag
855 / 19819 / m202404020101 / config-hash: 7795631271343578687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 05:09:06 GMT
page-boot-data
c13f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
  • https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
40 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
Protocol
H2
Server
2606:4700:10::ac43:1e71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bwrrtosd.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c13-app-5d44dc4967-7c56m
cf-ray
86ff438b1db91bcf-FRA

Redirect headers

date
Sat, 06 Apr 2024 05:09:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
age
1
x-powered-by
Express
content-length
120
cdn-cache-control
public, max-age=3600
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-697846cc8f-4rqnq
x-slickstream-consent
ask
cf-ray
86ff438ade2c8f3e-FRA
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-98-75.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 19:06:44 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
36143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
EFkH_lJUZR0YJbf0jqY-pWMVapKs4hrCpOpWTG_5laW3NdWy73jgiQ==
gdpr.bundle.js
gdpr.privacymanager.io/latest/ 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Y_FI2tHwceecL4aCNm0w90ZTQwQBXlnf
content-encoding
gzip
via
1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 04:50:06 GMT
last-modified
Wed, 03 Jan 2024 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1141
x-amz-server-side-encryption
AES256
etag
W/"97a8e6b3690e415e6982e057a4ec3a39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
BQFm6LzYhtpZNFOOLaRKQJBhDVJ1CulBHo2xNRaZgVANKfxFFJ0kGA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/ 		440 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
5295
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141128
x-xss-protection
0
server
cafe
etag
1320909909656752868
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:40:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		58 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bwrrtosd.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
928a4f53a88e8ffcc5d8a7564a5fadfd2394b54b4b56450b45be1da46532fb23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
x-xss-protection
0
expires
Sat, 06 Apr 2024 05:09:06 GMT
KElXy4on
cdn.jwplayer.com/v2/playlists/ 		145 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/KElXy4on?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
62eb8661279e0d6e07294f577fe430f06878587b7bb3eb4b75e38c3fe75086cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:07 GMT
content-encoding
gzip
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
19428
x-amz-cf-id
dUBmKFi20DNsxO9U5q1h2PkCLC6Y3eEaQ7dXtz-N-Ylnj2Am6erCIA==
expires
Sat, 06 Apr 2024 05:12:07
config.js
cdn.confiant-integrations.net/wyN88rwU6FImxcXgha7IWE-FzsE/gpt_and_prebid/ 		198 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/wyN88rwU6FImxcXgha7IWE-FzsE/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d48195ace3008183efb884a8d1e792771a3cfe22bcafa443437ba21eb4e5752

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 Apr 2024 03:59:26 GMT
server
cloudflare
x-amz-request-id
PQGM53FMVQKVR1AP
age
465
etag
W/"c6a913e7cd0b7c41a403fb646f770fdc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
86ff438cd9ab5902-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0WBmmqTcwQSFszCEPugfQQpfFem2OJrehJU/WArKw4m/TJbJdngJWCus1hw5NdUHNr2IIOsGEKba5N/V6+wUZGL4s/gzTmsd/jfyNBZeBzM=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 		286 KB
286 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-68.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3435b49596ce82bc24cacc88215a1b0541a41a2a8bf8e8a000c7ec0fa0316cb9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
O_Qe7ixyu3ZZzqWsPz4MrWksQWKlcVD.
date
Sat, 06 Apr 2024 01:13:18 GMT
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
14149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
content-length
292556
last-modified
Thu, 29 Feb 2024 17:29:28 GMT
server
AmazonS3
etag
"0ae77510870d95a6240b7b95a7fea0f9"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
1SL5natCdWPuZRPDOd8jc9F7SoBK0OCUOwTRpYHLKYGUT5viirHCcQ==
ads.min.css
ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ 		345 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5f4d18cf3b647d61ef51e6fa/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8655c3f/es2018/js/adthrive.min.js?deployment=2024-04-05-5:adv-178:pr4445:8655c3f&bucket=flex-08&deliveryFeatures=recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5f4d18cf3b647d61ef51e6fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
15d5be424df2b7f6ff47eb730d7320b6261e6db4b964d3aae403e7baabce081d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 11:29:22 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
63584
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
345
x-amz-cf-id
ZQNHBH0QDRu0qnhsp64tlGsND-DhsfZmkQyn8g3MHy_--GoEuQoMvA==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/ 		563 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-30.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 04:53:32 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
934
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
krrHl5Wi8zctXf5VvamS-w9zWFlT2iAQph2MoBio2G21vPyDiQR4OQ==
config
c.amazon-adsystem.com/cdn/prod/ 		339 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbwrrtosd.info&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.98.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-98-75.prg50.r.cloudfront.net
Software
Server /
Resource Hash
1d0d9e2523056b4f82c369b8cc81699f218b1f02964a8652862bde244725f772

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:05 GMT
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://bwrrtosd.info
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
339
x-amz-cf-id
42bXc7_E_uhm2f2XNnp1A4BoSyNKg6FIzJgfVGNwQli7WKt6n35DYw==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ 		106 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e92672da03844cf1ca55a1875062d319ae104c89b4823e1e52ad514bf60f88a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://bwrrtosd.info/
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cEn1KjThtu9AzHsEKu82maSmoZf1fWiL
content-encoding
gzip
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 05:09:06 GMT
x-amz-cf-pop
PRG50-C1
age
372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 04 Apr 2024 17:40:08 GMT
server
AmazonS3
etag
W/"226d86da13e148e737541271eb87896b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
UDpiwPWrAjDDEyoO-bxkF86c6Ww7Ng2jFxrN2esgz-wsmAS6GFeitA==
/
geo.privacymanager.io/ 		28 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://bwrrtosd.info/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 02:32:22 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, PRG50-C1
age
9404
x-amzn-requestid
b9dfb587-ed7b-453d-8cca-f85401fe2d5a
x-amzn-trace-id
Root=1-6610b436-04c3207902c9323834dd95cb;Parent=32f4f1d15da5df7e;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
VyEYiHCvDoEETAw=
content-length
28
x-amz-cf-id
4BWDjXM6Me17Sgvz-FNe492RHQL_DwQ6XOMRdf3EWSowdZQNFvHIvA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bwrrtosd.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
69215
content-length
0
date
Fri, 05 Apr 2024 09:55:32 GMT
server
AmazonS3
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-id
_KFuGeJT57HhaPWMGuwHNpqPMDKrb2eMxVkbXiRZBGkVQLLQYS85kg==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bwrrtosd.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 06 Apr 2024 05:09:06 GMT
via
1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront), 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-apigw-id
VybV_HOAjoEEVOw=
x-amz-cf-id
Q--JFApNshFbzxxvdB1cDpZCyMecKg1fAtZkTWXlgE-Xk18IwOl4Dw==
x-amz-cf-pop
PRG50-C1 PRG50-C1
x-amzn-requestid
2fa9ed35-a495-48e2-8d1b-4b6fadb5503d
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbwrrtosd.info%2F&pid=6TICfI591RjBX&cb=0&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5f4d18cf3b647d61ef51e6fa%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C5f4d18cf3b647d61ef51e6fa%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.9.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-9-197.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://bwrrtosd.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
0UWo65hN1PsrllF2uguB6v_AkQAEawxm7SOEgRZfjdsBjBSVmDP2Yw==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 		300 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/wyN88rwU6FImxcXgha7IWE-FzsE/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 05:09:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
x-amz-request-id
EFMZ5X0DXACDSKDY
age
207263
etag
W/"3d93a0af15b12fc9dbbc93edd96a2b7f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
86ff438d7ace5902-TXL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YgMNL8PEeA2zrffKI+62ZEJci3T8vziG5dmCd4HU2mWcr7uLLUFCvB8TqYOEneo891GwZ1HcUL5u5ZWsD+B5/w==
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-58.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bwrrtosd.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.0smH5v3yC0Mj5CY0Yn4_OXkkced__tN
content-encoding
gzip
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
date
Sat, 06 Apr 2024 04:53:07 GMT
last-modified
Mon, 26 Feb 2024 08:21:44 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
960
x-amz-server-side-encryption
AES256
etag
W/"a92f9ecbaf5821d1d35c439a0dc33104"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
GhmuJsgDzb3eQY6jftDkQUPAK0VHKKiyw8C78VKL43-WvBGQt5OiZA==
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame E38F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-16.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://bwrrtosd.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
452085
cache-control
must-revalidate,public,max-age=604800
content-encoding
gzip
content-type
text/html
date
Sun, 31 Mar 2024 23:34:26 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-id
pQx589cS1pWh2DCa7_OPheu4ecCZS71PHk_emMUsuBsWR1DTocU18w==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 undefined| href object| adthriveCLS object| adthrive object| $slickBoot function| gtag object| dataLayer object| cls_disable_ads object| wprm_public object| wpilFrontend object| wprmp_public object| RocketPreloadLinksConfig object| lazyLoadOptions object| _stq object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| mvGrowData function| growMe function| parcelRequire object| WPRecipeMaker object| MicroModal function| LazyLoad function| st_go function| linktracker_init object| wpcom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData boolean| gtag_enable_tcf_support function| __tcfapi object| pbjs object| apstag object| _pbjsGlobals object| _aps boolean| apstagLOADED object| cmp object| cmpConfiguration object| nodeScript object| ggeac object| google_js_reporting_queue object| _comscore object| confiant object| apscustom undefined| google_measure_js_timing object| launchPad object| launchPadConfiguration function| __launchpad function| addEventListenerBase

7 Cookies

Domain/Path Name / Value
.bwrrtosd.info/ Name: _ga_WX9SVL6ZGE
Value: GS1.1.1712380145.1.0.1712380145.0.0.0
.bwrrtosd.info/ Name: _ga
Value: GA1.2.1785275658.1712380146
.bwrrtosd.info/ Name: _gid
Value: GA1.2.1279620297.1712380146
.bwrrtosd.info/ Name: _gat_gtag_UA_88114325_1
Value: 1
bwrrtosd.info/ Name: __adblocker
Value: false
bwrrtosd.info/ Name: gdpr-auditId
Value: 01c23c913cc744aea9dce40b14ce322a
bwrrtosd.info/ Name: geo-location
Value: {"country":"DE","region":""}

2 Console Messages

Source Level URL
Text
network error URL: https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c13f.app.slickstream.com/d/page-boot-data?site=KC6U0DSA&url=https%3A%2F%2Fbwrrtosd.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ads.adthrive.com
app.slickstream.com
bwrrtosd.info
c.amazon-adsystem.com
c13f.app.slickstream.com
cdn.confiant-integrations.net
cdn.jwplayer.com
cmp-consent-tool.privacymanager.io
config.aps.amazon-adsystem.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
pixel.wp.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.98
161.35.214.202
172.64.144.166
192.0.76.3
2001:4860:4802:32::36
2600:9000:2127:5a00:16:f82a:8600:93a1
2600:9000:2127:a000:1:a3fa:7cc0:93a1
2600:9000:2127:b200:11:2a6a:9480:93a1
2606:4700:10::6816:2e76
2606:4700:10::ac43:1e71
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9a
65.9.9.197
65.9.95.111
65.9.95.16
65.9.95.30
65.9.95.50
65.9.95.58
65.9.95.68
65.9.98.75
04a74005d21b5102650913c704a642d03754e025ba52ce9c55e2f70800cc6790
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086bf7c3e30196f305c87baf9f9d0e1f7e61268bf8d741ec1cad31cad97b13e9
0a978b7a3adf9b6249dfa684c663667fef1a656ac9eadcb2dd8ff820d1432814
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
15d5be424df2b7f6ff47eb730d7320b6261e6db4b964d3aae403e7baabce081d
18d9bd3271e66c5e2ae67b85f3f637df9d9ab82bb92030bcdc6828e2698acada
1d0d9e2523056b4f82c369b8cc81699f218b1f02964a8652862bde244725f772
1deed0ae4f590e6dc7f8ea21750c0caa4f548bedf5855c8cb2336b5e5945f664
1e1c09606161fbec43641db80ce51a9ea5683391ce4bd0b3ca88884b87a9ed75
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c
32da65af389c7f0cc95ae5f8ee86d41582af3d501a40525dc286117283283cd7
3435b49596ce82bc24cacc88215a1b0541a41a2a8bf8e8a000c7ec0fa0316cb9
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
537bc062e0bdcaefd5ab7916e53a59bb58f00e826665377cb9dce2aae1acefcd
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c
57f5e724c15edab923ed9693c12bc42905180b179d15334a60a7f81293ab053d
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef
58cd92215658bd2c3a7d72562caf3d7d1bd1aa83056f71be5ca1c9322366eff4
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
62eb8661279e0d6e07294f577fe430f06878587b7bb3eb4b75e38c3fe75086cf
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2271f31c76c59ef9fdec94621ecc1b16eadcc30a5a89fb387c4e57ffc0a9bb
6e92672da03844cf1ca55a1875062d319ae104c89b4823e1e52ad514bf60f88a
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
7d5f584e227377d23f2be314bfbff89f0606e2e9570ed103648b94d38824f220
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
8939bc68d09b0463e4b2533aac8d872625b1c4580a122d4c604393ebb47088e1
8d48195ace3008183efb884a8d1e792771a3cfe22bcafa443437ba21eb4e5752
928a4f53a88e8ffcc5d8a7564a5fadfd2394b54b4b56450b45be1da46532fb23
97977fb76379eae6534f1d689c691c6927846f60fa8691b20e03f51e3280a571
9a96a92875bd2ff5134bb528b733400e788290335dc87a791b34718a2d992796
9b2d7be01ec2d1b823ee1f6d55dd17467667efb69dfad7d10bddc6ea054d731e
b0b62089c26bc4ac6646fc7096b19e7917852f66722166a136ce7f3014b1bba4
b96e92a938ffcde947abedf14b10cb8d79e91cfa29968de8f6ed987d79255385
be547c9eb5b3ae46ffdf76d3b2de284c796a3ccd20f61833896373b0b942fd8a
bfc255f6a0143cd9dd1762dd6a4c4a9bd202f30b967e609dd2e31ad7c4436d0d
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52
ca587028a002c1c797a5caa6dfb61f0ce60f1389f8683f4f1ee5902f8c7743b4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
dcd2fa8d63c912161b628be0d784dfb9ce1f913e67e379615c6bf3471c506d61
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72874edbc16d3546a3ab2aef473e9e0952a37897de1481db248342c628759a8
e8c8401220a414dcb94ba1712ea74b475b60ddd3038b9abdb86a1c3ced9b1e4a
e91d4a20f666d5a4e4202a792e3f29ac01118f187d9893af7e0597b1377375dd
e9bacc445ab897c1acf21abe9e3dbf6e87accae8818269dba0b67ac05cde5979
f317f5740558b6ef74dc20e9816a50c33238659f4c0d3c7a2e47d4b1280a0dad
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1