URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Submission: On November 23 via api from US — Scanned from DE

Summary

This website contacted 155 IPs in 9 countries across 132 domains to perform 954 HTTP transactions. The main IP is 2606:4700:10::6816:4e8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shefinds.com. The Cisco Umbrella rank of the primary domain is 146774.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 29th 2023. Valid for: a year.
This is the only time www.shefinds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
72 2606:4700:10:... 13335 (CLOUDFLAR...)
4 151.101.194.207 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.1.91 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.66.122.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 199.232.197.131 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.102.36.95 16625 (AKAMAI-AS)
18 18 20.225.97.235 8075 (MICROSOFT...)
8 52.222.214.115 16509 (AMAZON-02)
1 18.173.187.61 16509 (AMAZON-02)
1 18.66.192.9 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.84.93.105 16509 (AMAZON-02)
1 18.66.112.104 16509 (AMAZON-02)
4 52.87.93.35 14618 (AMAZON-AES)
5 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.122.25 16509 (AMAZON-02)
1 18.66.192.117 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 4 2600:9000:237... 16509 (AMAZON-02)
1 143.204.215.101 16509 (AMAZON-02)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 151.101.129.91 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
6 96.126.111.33 63949 (AKAMAI-LI...)
3 52.42.244.86 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 18.173.155.56 16509 (AMAZON-02)
1 99.84.88.119 16509 (AMAZON-02)
38 18.245.60.103 16509 (AMAZON-02)
5 18.66.112.59 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
1 151.101.130.217 54113 (FASTLY)
2 18.173.154.84 16509 (AMAZON-02)
2 52.21.143.58 14618 (AMAZON-AES)
1 18.173.187.42 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 52.222.250.70 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 18.173.187.22 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
4 54.86.230.223 14618 (AMAZON-AES)
3 34.246.122.87 16509 (AMAZON-02)
21 18.173.154.46 16509 (AMAZON-02)
2 108.138.36.36 16509 (AMAZON-02)
1 34.205.13.79 14618 (AMAZON-AES)
20 18.173.154.6 16509 (AMAZON-02)
1 20.40.202.0 8075 (MICROSOFT...)
2 54.204.56.198 14618 (AMAZON-AES)
3 99.84.88.84 16509 (AMAZON-02)
9 2600:9000:249... 16509 (AMAZON-02)
16 45.133.44.4 39572 (ADVANCEDH...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 96.46.186.186 7979 (SERVERS-COM)
4 34.247.75.63 16509 (AMAZON-02)
14 45.133.44.3 39572 (ADVANCEDH...)
9 108.138.37.209 16509 (AMAZON-02)
16 2a0c:5c87:524... 55081 (24SHELLS)
3 173.0.146.6 7979 (SERVERS-COM)
3 99.86.4.128 16509 (AMAZON-02)
3 18.165.219.30 16509 (AMAZON-02)
16 51.89.9.254 16276 (OVH)
14 145.40.97.66 54825 (PACKET)
22 27 185.89.211.12 29990 (ASN-APPNEX)
6 40 185.83.71.234 55081 (24SHELLS)
3 15 216.52.2.16 32475 (SINGLEHOP...)
15 23.213.164.238 16625 (AKAMAI-AS)
4 98.98.134.241 21859 (ZEN-ECN)
10 10 46.228.174.117 56396 (AMOBEE)
4 4 46.228.164.11 56396 (AMOBEE)
4 6 35.186.253.211 15169 (GOOGLE)
7 27 104.18.36.155 13335 (CLOUDFLAR...)
3 3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 9 2606:4700:10:... 13335 (CLOUDFLAR...)
12 184.30.211.26 16625 (AKAMAI-AS)
7 65.9.66.104 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2a0c:5c87:523... 55081 (24SHELLS)
1 18.173.184.62 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 198.47.127.19 3257 (GTT-BACKB...)
2 12 176.34.182.11 16509 (AMAZON-02)
6 2a02:fa8:8806... 41041 (VCLK-EU-SE)
7 130.211.23.194 396982 (GOOGLE-CL...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.186.70 15169 (GOOGLE)
32 169.197.150.7 398989 (DEEPINTENT)
12 46.228.174.115 56396 (AMOBEE)
8 2a02:2638:3::7 44788 (ASN-CRITE...)
6 8 185.184.8.90 204995 (RTB-HOUSE...)
7 18.195.156.219 16509 (AMAZON-02)
3 185.86.138.123 201081 (SMARTADSE...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 34.120.63.153 396982 (GOOGLE-CL...)
21 2602:803:c003... 26667 (RUBICONPR...)
3 52.19.228.53 16509 (AMAZON-02)
3 69.166.1.32 27630 (AS-XFERNET)
2 37.157.2.229 198622 (ADFORM)
2 16 193.3.178.3 399668 (E-PLANNING-)
4 185.106.140.18 7979 (SERVERS-COM)
5 2a02:2638:3::3 44788 (ASN-CRITE...)
5 20 2a02:2638:3::c 44788 (ASN-CRITE...)
12 141.95.33.120 16276 (OVH)
2 67.202.105.21 32748 (STEADFAST)
2 2 92.123.20.20 16625 (AKAMAI-AS)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 2a0c:5c87:523... 55081 (24SHELLS)
36 2606:4700:10:... 13335 (CLOUDFLAR...)
5 141.95.98.65 16276 (OVH)
2 8.2.110.17 46636 (NATCOWEB)
2 193.3.178.2 399668 (E-PLANNING-)
2 2 52.0.133.59 14618 (AMAZON-AES)
3 18.158.167.70 16509 (AMAZON-02)
17 69.166.1.34 27630 (AS-XFERNET)
2 2 3.214.189.170 14618 (AMAZON-AES)
7 15 18.159.232.130 16509 (AMAZON-02)
14 19 142.250.74.194 15169 (GOOGLE)
5 7 34.111.113.62 396982 (GOOGLE-CL...)
4 6 37.157.6.232 198622 (ADFORM)
13 15.197.193.217 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
6 9 52.18.28.96 16509 (AMAZON-02)
2 34.254.143.3 16509 (AMAZON-02)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 34.111.131.239 396982 (GOOGLE-CL...)
2 185.15.245.83 24961 (MYLOC-AS ...)
4 4 3.71.149.231 16509 (AMAZON-02)
2 2 52.213.93.159 16509 (AMAZON-02)
2 34.160.236.64 396982 (GOOGLE-CL...)
4 52.211.88.8 16509 (AMAZON-02)
2 162.55.233.28 24940 (HETZNER-AS)
6 6 151.101.130.49 54113 (FASTLY)
2 2 3.229.230.187 ()
2 10 67.220.228.202 16509 (AMAZON-02)
2 2.18.160.221 ()
4 4 52.209.20.66 16509 (AMAZON-02)
2 9 69.173.144.139 26667 (RUBICONPR...)
4 4 23.212.211.47 16625 (AKAMAI-AS)
14 23.52.120.246 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
3 5 13.248.245.213 16509 (AMAZON-02)
3 130.211.16.136 396982 (GOOGLE-CL...)
3 172.64.149.180 13335 (CLOUDFLAR...)
3 23.211.9.60 16625 (AKAMAI-AS)
3 23.52.120.27 16625 (AKAMAI-AS)
2 8 185.86.139.102 201081 (SMARTADSE...)
3 46.228.164.13 ()
5 5 52.86.219.183 14618 (AMAZON-AES)
5 8 208.93.169.131 46244 (WEBMD-IDC...)
6 6 193.0.160.131 54312 (ROCKETFUEL)
2 3 50.31.142.95 ()
4 4 54.82.32.1 ()
4 4 99.84.88.8 ()
2 35.244.174.68 ()
3 185.86.138.152 201081 (SMARTADSE...)
1 1 154.59.122.79 174 (COGENT-174)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
2 3 52.30.78.43 16509 (AMAZON-02)
1 2607:ae80:4::25 26558 (FREEWHEEL)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 35.214.172.60 15169 (GOOGLE)
4 99.81.36.1 16509 (AMAZON-02)
2 2 8.2.110.113 ()
2 209.192.201.180 ()
17 34.247.205.196 ()
1 1 35.210.239.72 ()
2 35.244.159.8 ()
2 2 2a05:d018:d29... ()
2 2 52.4.98.207 ()
1 1 51.68.39.188 ()
2 50.112.29.170 ()
2 2 124.146.153.167 ()
1 1 178.250.1.9 ()
2 2a02:6ea0:c70... ()
954 155
Apex Domain
Subdomains
Transfer
78 shefinds.com
www.shefinds.com — Cisco Umbrella Rank: 146774
mtm.shefinds.com — Cisco Umbrella Rank: 460651
8 MB
69 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5364
direct-events-collector.spot.im — Cisco Umbrella Rank: 4621
static-cdn.spot.im — Cisco Umbrella Rank: 4581
publisher-assets.spot.im — Cisco Umbrella Rank: 4847
api-2-0.spot.im — Cisco Umbrella Rank: 2826
pix.spot.im — Cisco Umbrella Rank: 4820
793 KB
48 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com
215 KB
46 spotim.market
player.spotim.market — Cisco Umbrella Rank: 6682
ghb.spotim.market — Cisco Umbrella Rank: 7198
sync.spotim.market — Cisco Umbrella Rank: 3594
652 KB
36 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3274
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
12 KB
35 deepintent.com
prebid.deepintent.com — Cisco Umbrella Rank: 9439
cdn.deepintent.com — Cisco Umbrella Rank: 8184
match.deepintent.com — Cisco Umbrella Rank: 1055
8 KB
32 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6758
sync.adtelligent.com — Cisco Umbrella Rank: 3489
ghb.adtelligent.com — Cisco Umbrella Rank: 5236
349 KB
30 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com
108 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
663 KB
29 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com
8 KB
27 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
19 KB
27 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 22480
gdpr.privacymanager.io — Cisco Umbrella Rank: 28689
geo.privacymanager.io — Cisco Umbrella Rank: 1825
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 45930
700 KB
27 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 9559
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
241 KB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
88 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com
7 KB
20 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6743
ads.us.e-planning.net — Cisco Umbrella Rank: 2776
s.e-planning.net — Cisco Umbrella Rank: 5968
u-ams03.e-planning.net — Cisco Umbrella Rank: 39934
i.e-planning.net — Cisco Umbrella Rank: 5337
sync.e-planning.net
9 KB
20 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1987
sync.go.sonobi.com — Cisco Umbrella Rank: 931
13 KB
20 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1715
13 KB
19 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
77 KB
16 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
54 KB
16 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
1 KB
16 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1961
track1.aniview.com — Cisco Umbrella Rank: 2225
go1.aniview.com — Cisco Umbrella Rank: 5371
422 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
15 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
108 KB
15 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
targeting.unrulymedia.com — Cisco Umbrella Rank: 792
2 KB
15 copper6.com
sync.app.copper6.com — Cisco Umbrella Rank: 94982
ghb.app.copper6.com — Cisco Umbrella Rank: 94810
4 KB
15 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
12 KB
14 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
9 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
12 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
317 KB
10 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
match.sharethrough.com — Cisco Umbrella Rank: 559
1 KB
9 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
6 KB
9 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2295
849 KB
9 rev-stripe.com
tr.rev-stripe.com — Cisco Umbrella Rank: 144009
1 KB
9 rs-stripe.com
stripe.rs-stripe.com — Cisco Umbrella Rank: 88889
1 KB
8 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
4 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 4418
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net
4 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
hbx.media.net — Cisco Umbrella Rank: 1337
contextual.media.net — Cisco Umbrella Rank: 691
26 KB
8 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7332
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net
1 KB
8 powerinboxedge.com
images-prod.powerinboxedge.com — Cisco Umbrella Rank: 24497
376 KB
8 blogherads.com
ads.blogherads.com — Cisco Umbrella Rank: 15323
267 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com
2 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
5 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
2 KB
6 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
usermatch.krxd.net
2 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com
2 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
user-sync.adxpremium.services
7 KB
6 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
3 KB
6 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2650
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3773
2 KB
6 narrativ.com
events.release.narrativ.com — Cisco Umbrella Rank: 9172
links.release.narrativ.com — Cisco Umbrella Rank: 38358
3 KB
6 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3071
srv-2023-11-23-01.pixel.parsely.com
57 KB
6 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5248
people.api.boomtrain.com — Cisco Umbrella Rank: 5652
46 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
5 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
1 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
151 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 10694
api.viglink.com — Cisco Umbrella Rank: 16861
31 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 16707
pixel.keywee.co — Cisco Umbrella Rank: 14336
35 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
211 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5477
143 KB
4 rezync.com
live.rezync.com
3 KB
4 liadm.com
i.liadm.com
2 KB
4 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 51304
856 B
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893
2 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 10155
3 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
748 B
4 ad.gt
a.ad.gt — Cisco Umbrella Rank: 1844
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
8 KB
4 marfeelcache.com
bc.marfeelcache.com — Cisco Umbrella Rank: 305437
10 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
3 zemanta.com
b1sync.zemanta.com
636 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
4 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
2 KB
3 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
29 KB
3 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4142
301 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
270 B
3 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
63 KB
3 cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net Failed
d1z2jf7jlzjs58.cloudfront.net
d3r7h55ola878c.cloudfront.net
3 KB
3 sellwild.com
widget.sellwild.com — Cisco Umbrella Rank: 42759
cache.sellwild.com — Cisco Umbrella Rank: 54798
469 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
61 KB
3 typenetwork.com
cloud.typenetwork.com — Cisco Umbrella Rank: 30589
fastly-cloud.typenetwork.com — Cisco Umbrella Rank: 44777
72 KB
2 vidoomy.com
vid.vidoomy.com
vpaid.vidoomy.com Failed
37 KB
2 socdm.com
tg.socdm.com
1 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com
374 B
2 ipredictive.com
sync.ipredictive.com
930 B
2 ck-ie.com
as.ck-ie.com
968 B
2 rlcdn.com
idsync.rlcdn.com
140 B
2 bluekai.com
tags.bluekai.com
290 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
129 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1324
316 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
1 KB
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 25983
99 B
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7844
648 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13579
920 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 705
267 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2836
376 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
595 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3714
120 B
2 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12205
6 KB
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
2 nodserving.com
p.nodserving.com — Cisco Umbrella Rank: 29951
41 KB
2 jcontentcdn.com
p.jcontentcdn.com — Cisco Umbrella Rank: 29151
41 KB
2 annocdn.com
p.annocdn.com — Cisco Umbrella Rank: 29899
41 KB
2 boomtrain.net
onsite.boomtrain.net — Cisco Umbrella Rank: 292076
1 KB
2 gstatic.com
fonts.gstatic.com
50 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
21 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
7 KB
1 nrich.ai
dsp.nrich.ai
581 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk
238 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
289 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
652 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
242 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1356
181 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
653 B
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 27060
952 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
643 B
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 18714
1 KB
1 shemedia.com
ads.shemedia.com — Cisco Umbrella Rank: 17419
777 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
255 B
1 rmtag.com
intljs.rmtag.com — Cisco Umbrella Rank: 13958
6 KB
1 bam-x.com
static.bam-x.com — Cisco Umbrella Rank: 77074
42 KB
1 revenuestripe.com
branding.revenuestripe.com — Cisco Umbrella Rank: 44887
1 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3638
164 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
84 KB
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
954 132
Domain Requested by
72 www.shefinds.com www.shefinds.com
38 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
www.shefinds.com
28 mwzeom.zeotap.com spl.zeotap.com
26 match.deepintent.com cdn.deepintent.com
rtb.gumgum.com
24 ib.adnxs.com 19 redirects player.spotim.market
spl.zeotap.com
21 fastlane.rubiconproject.com player.spotim.market
21 sync.spotim.market rumcdn.geoedge.be
www.shefinds.com
prebid.a-mo.net
player.spotim.market
21 api-2-0.spot.im static-cdn.spot.im
20 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
cmp-consent-tool.privacymanager.io
19 cm.g.doubleclick.net 14 redirects spl.zeotap.com
rtb.gumgum.com
17 usersync.gumgum.com rtb.gumgum.com
17 sync.go.sonobi.com ads.us.e-planning.net
16 onetag-sys.com rumcdn.geoedge.be
player.spotim.market
player.adtelligent.com
ads.us.e-planning.net
15 x.bidswitch.net 7 redirects ads.us.e-planning.net
spl.zeotap.com
rtb.gumgum.com
15 ads.pubmatic.com rumcdn.geoedge.be
player.adtelligent.com
ads.us.e-planning.net
player.spotim.market
rtb.gumgum.com
15 ap.lijit.com 3 redirects rumcdn.geoedge.be
www.shefinds.com
player.spotim.market
14 eus.rubiconproject.com ads.us.e-planning.net
player.spotim.market
eus.rubiconproject.com
rtb.gumgum.com
14 prebid.a-mo.net rumcdn.geoedge.be
player.spotim.market
player.adtelligent.com
13 match.adsrvr.org spl.zeotap.com
player.spotim.market
ssum.casalemedia.com
rtb.gumgum.com
13 ghb.adtelligent.com p.jcontentcdn.com
p.annocdn.com
p.nodserving.com
player.spotim.market
player.adtelligent.com
13 ssum-sec.casalemedia.com 6 redirects www.shefinds.com
player.spotim.market
ssum.casalemedia.com
13 ghb.spotim.market player.spotim.market
12 id5-sync.com player.adtelligent.com
player.spotim.market
12 targeting.unrulymedia.com player.spotim.market
12 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
12 sync.app.copper6.com 6 redirects rumcdn.geoedge.be
player.spotim.market
12 player.adtelligent.com player.spotim.market
p.jcontentcdn.com
p.annocdn.com
player.adtelligent.com
p.nodserving.com
12 player.spotim.market www.shefinds.com
rumcdn.geoedge.be
10 aax-eu.amazon-adsystem.com 2 redirects spl.zeotap.com
player.spotim.market
10 mug.criteo.com
10 gum.criteo.com 5 redirects
9 dpm.demdex.net 6 redirects
9 btloader.com 6 redirects www.shefinds.com
9 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
9 track1.aniview.com player.aniview.com
9 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
9 tr.rev-stripe.com 9 redirects
9 stripe.rs-stripe.com 9 redirects
8 bh.contextweb.com 5 redirects
8 rtb-csync.smartadserver.com 2 redirects
8 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
8 spl.zeotap.com player.adtelligent.com
spl.zeotap.com
ads.us.e-planning.net
8 bidder.criteo.com player.spotim.market
player.adtelligent.com
8 securepubads.g.doubleclick.net widget.sellwild.com
securepubads.g.doubleclick.net
www.shefinds.com
rumcdn.geoedge.be
8 images-prod.powerinboxedge.com www.shefinds.com
8 ads.blogherads.com www.shefinds.com
ads.blogherads.com
7 token.rubiconproject.com eus.rubiconproject.com
7 pixel.tapad.com 5 redirects spl.zeotap.com
7 btlr.sharethrough.com player.spotim.market
7 api.btloader.com c.aaxads.com
7 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
7 tags.crwdcntrl.net rumcdn.geoedge.be
s.e-planning.net
tags.crwdcntrl.net
7 sync.adtelligent.com www.shefinds.com
player.adtelligent.com
ads.us.e-planning.net
7 sync.1rx.io 7 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
6 creativecdn.com 6 redirects
6 p.rfihub.com 6 redirects
6 sync-tm.everesttech.net 6 redirects
6 htlb.casalemedia.com player.spotim.market
6 prebid.deepintent.com player.spotim.market
6 ad-delivery.net www.shefinds.com
c.aaxads.com
6 assets.a-mo.net prebid.a-mo.net
6 rtb.openx.net 4 redirects ads.us.e-planning.net
6 mtm.shefinds.com www.shefinds.com
mtm.shefinds.com
5 sync.srv.stackadapt.com 5 redirects
5 eb2.3lift.com 3 redirects ads.us.e-planning.net
5 lb.eu-1-id5-sync.com player.adtelligent.com
player.spotim.market
5 id.crwdcntrl.net player.adtelligent.com
player.spotim.market
5 static.criteo.net player.spotim.market
player.adtelligent.com
5 publisher-assets.spot.im launcher.spot.im
static-cdn.spot.im
5 connect.facebook.net www.shefinds.com
connect.facebook.net
5 www.lightboxcdn.com www.shefinds.com
www.lightboxcdn.com
4 c1.adform.net 4 redirects
4 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
4 live.rezync.com 4 redirects
4 i.liadm.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 4 redirects
4 beacon.krxd.net spl.zeotap.com
4 idsync.frontend.weborama.fr 4 redirects
4 s.console.adtarget.com.tr player.adtelligent.com
s.console.adtarget.com.tr
4 rtb.adxpremium.services player.adtelligent.com
adxbid.info
4 pbjs.e-planning.net 2 redirects
4 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
4 ad.turn.com 4 redirects
4 pixel-sync.sitescout.com www.shefinds.com
player.spotim.market
ssum.casalemedia.com
4 api.viglink.com cdn.viglink.com
4 player.aniview.com static-cdn.spot.im
player.aniview.com
4 events.release.narrativ.com static.bam-x.com
www.shefinds.com
4 cdn.keywee.co 1 redirects www.shefinds.com
cdn.keywee.co
4 people.api.boomtrain.com cdn.boomtrain.com
4 bc.marfeelcache.com www.shefinds.com
bc.marfeelcache.com
3 secure.adnxs.com 3 redirects
3 match.prod.bidr.io 2 redirects ssum.casalemedia.com
3 ssbsync.smartadserver.com ssum.casalemedia.com
rtb.gumgum.com
3 b1sync.zemanta.com 2 redirects
3 d.turn.com player.spotim.market
3 contextual.media.net player.spotim.market
3 acdn.adnxs.com player.spotim.market
3 js-sec.indexww.com player.spotim.market
3 cdn.deepintent.com player.spotim.market
3 dsp.adfarm1.adition.com 3 redirects
3 match.sharethrough.com ads.us.e-planning.net
3 apex.go.sonobi.com player.spotim.market
3 hb-api.omnitagjs.com player.spotim.market
3 prebid.media.net player.spotim.market
3 hbopenbid.pubmatic.com player.spotim.market
3 prg.smartadserver.com player.spotim.market
3 web.hb.ad.cpe.dotomi.com player.spotim.market
3 ghb.app.copper6.com player.spotim.market
3 ad.doubleclick.net www.shefinds.com
c.aaxads.com
3 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
3 cdn.id5-sync.com rumcdn.geoedge.be
3 cdn.hadronid.net www.shefinds.com
3 c.aaxads.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 config.aps.amazon-adsystem.com rumcdn.geoedge.be
3 go1.aniview.com player.aniview.com
3 pix.spot.im static-cdn.spot.im
3 srv-2023-11-23-01.pixel.parsely.com www.shefinds.com
3 www.facebook.com www.shefinds.com
3 gdpr-wrapper.privacymanager.io ads.blogherads.com
gdpr.privacymanager.io
3 cdn.parsely.com www.shefinds.com
d1z2jf7jlzjs58.cloudfront.net
3 jadserve.postrelease.com s.ntv.io
www.shefinds.com
2 vid.vidoomy.com adxbid.info
2 tg.socdm.com 2 redirects
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 sync.e-planning.net rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 us-u.openx.net rtb.gumgum.com
2 user-sync.adxpremium.services adxbid.info
2 as.ck-ie.com 2 redirects
2 idsync.rlcdn.com ssum.casalemedia.com
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com ads.us.e-planning.net
2 cms.quantserve.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 tags.bluekai.com spl.zeotap.com
2 usermatch.krxd.net 2 redirects
2 sync.richaudience.com spl.zeotap.com
2 odr.mookie1.com spl.zeotap.com
2 aa.agkn.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dmp.theadex.com spl.zeotap.com
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 dmp.adform.net spl.zeotap.com
2 cookies.nextmillmedia.com 2 redirects
2 ssp.disqus.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com ads.us.e-planning.net
2 adxbid.info player.adtelligent.com
2 hbx.media.net 2 redirects
2 ssc-cms.33across.com player.adtelligent.com
2 ads.us.e-planning.net player.adtelligent.com
2 adx.adform.net player.adtelligent.com
2 prebid-eu.creativecdn.com player.spotim.market
2 id.hadron.ad.gt cdn.hadronid.net
2 p.nodserving.com rumcdn.geoedge.be
p.nodserving.com
2 p.jcontentcdn.com rumcdn.geoedge.be
p.jcontentcdn.com
2 p.annocdn.com rumcdn.geoedge.be
p.annocdn.com
2 links.release.narrativ.com static.bam-x.com
2 geo.privacymanager.io gdpr.privacymanager.io
2 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
cmp-consent-tool.privacymanager.io
2 a.ad.gt www.shefinds.com
rumcdn.geoedge.be
2 cache.sellwild.com widget.sellwild.com
2 d1z2jf7jlzjs58.cloudfront.net www.shefinds.com
2 onsite.boomtrain.net cdn.boomtrain.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 fonts.gstatic.com www.shefinds.com
fonts.googleapis.com
2 z-na.amazon-adsystem.com www.shefinds.com
2 maxcdn.bootstrapcdn.com www.shefinds.com
2 cdn.boomtrain.com www.shefinds.com
2 ajax.googleapis.com www.shefinds.com
2 cloud.typenetwork.com www.shefinds.com
2 cdnjs.cloudflare.com www.shefinds.com
1 dis.criteo.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 csync.loopme.me 1 redirects
1 s.company-target.com 1 redirects
1 ads.stickyadstv.com ssum.casalemedia.com
1 s.ad.smaato.net
1 d.adroll.com ssum.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 d3r7h55ola878c.cloudfront.net www.lightboxcdn.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 pixel.keywee.co www.shefinds.com
1 fonts.googleapis.com widget.sellwild.com
1 rules.quantcount.com secure.quantserve.com
1 comparisons.sovrn.com cdn.viglink.com
1 ads.shemedia.com ads.blogherads.com
1 direct-events-collector.spot.im launcher.spot.im
1 region1.google-analytics.com www.googletagmanager.com
1 fastly-cloud.typenetwork.com cloud.typenetwork.com
1 secure.quantserve.com www.shefinds.com
1 cdn.viglink.com www.shefinds.com
1 intljs.rmtag.com www.shefinds.com
1 static.hotjar.com www.shefinds.com
1 static.bam-x.com www.shefinds.com
1 widget.sellwild.com www.shefinds.com
1 launcher.spot.im www.shefinds.com
1 branding.revenuestripe.com www.shefinds.com
1 s.ntv.io www.shefinds.com
1 www.googletagmanager.com www.shefinds.com
0 vpaid.vidoomy.com Failed vid.vidoomy.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 d3ezl4ajpp2zy8.cloudfront.net Failed www.shefinds.com
954 213
Subject Issuer Validity Valid
shefinds.com
Go Daddy Secure Certificate Authority - G2
2023-08-29 -
2024-09-29
a year crt.sh
marfeelcache.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-07-27 -
2024-08-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
cloud.typenetwork.com
R3
2023-10-18 -
2024-01-16
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.boomtrain.com
Amazon RSA 2048 M02
2023-02-09 -
2024-03-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.blogherads.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-07 -
2024-10-08
a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1
2023-08-28 -
2024-08-28
a year crt.sh
*.spot.im
Amazon RSA 2048 M02
2023-09-03 -
2024-09-30
a year crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3
2023-10-09 -
2024-10-08
a year crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-18 -
2024-02-17
a year crt.sh
*.sellwild.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-22
a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M03
2023-09-16 -
2024-10-14
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-01 -
2023-11-30
3 months crt.sh
static.planethowl.com
Amazon RSA 2048 M01
2023-08-07 -
2024-09-04
a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
intljs.rmtag.com
GTS CA 1D4
2023-10-03 -
2024-01-01
3 months crt.sh
viglink.com
Amazon RSA 2048 M02
2023-09-13 -
2024-10-11
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
fastly-cloud.typenetwork.com
R3
2023-10-18 -
2024-01-16
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
mtm.shefinds.com
R3
2023-10-14 -
2024-01-12
3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-08-30 -
2024-09-28
a year crt.sh
*.parsely.com
Amazon RSA 2048 M02
2023-05-06 -
2024-06-03
a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
*.shemedia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-07 -
2024-10-08
a year crt.sh
app.zetaglobal.net
Amazon RSA 2048 M02
2023-04-15 -
2024-05-13
a year crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M03
2023-11-21 -
2024-12-19
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.anyword.com
Amazon RSA 2048 M01
2023-06-05 -
2024-07-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.release.narrativ.com
Amazon RSA 2048 M02
2023-07-17 -
2024-08-13
a year crt.sh
*.pixel.parsely.com
R3
2023-11-15 -
2024-02-13
3 months crt.sh
pixel.keywee.co
Amazon ECDSA 256 M01
2023-02-01 -
2024-03-01
a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 06
2023-05-21 -
2024-05-15
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-08-12 -
2024-09-09
a year crt.sh
player.spotim.market
R3
2023-10-17 -
2024-01-15
3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-11 -
2024-09-11
a year crt.sh
player.adtelligent.com
R3
2023-11-15 -
2024-02-13
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA
2023-10-18 -
2024-01-16
3 months crt.sh
p.annocdn.com
R3
2023-10-16 -
2024-01-14
3 months crt.sh
p.jcontentcdn.com
R3
2023-10-17 -
2024-01-15
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.a-mo.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
sync.spotim.market
R3
2023-11-20 -
2024-02-18
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
sync.app.copper6.com
ZeroSSL ECC Domain Secure Site CA
2023-10-24 -
2024-01-22
3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
p.nodserving.com
R3
2023-10-14 -
2024-01-12
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
hadronid.net
GTS CA 1P5
2023-10-05 -
2024-01-03
3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-09-29 -
2023-12-28
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-10-10 -
2024-01-08
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
ghb.app.copper6.com
ZeroSSL ECC Domain Secure Site CA
2023-11-15 -
2024-02-13
3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-10-28 -
2024-01-26
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-05
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
ads.us.e-planning.net
R3
2023-09-21 -
2023-12-20
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-11-20 -
2024-02-18
3 months crt.sh
adxbid.info
E1
2023-10-07 -
2024-01-05
3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2023-11-19 -
2024-02-17
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2
2023-04-20 -
2024-05-21
a year crt.sh
*.e-planning.net
R3
2023-09-21 -
2023-12-20
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-09 -
2023-12-10
a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-09-17
a year crt.sh
dmp.theadex.com
R3
2023-10-21 -
2024-01-19
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-02-27 -
2024-02-26
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-02-09
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1
2023-03-22 -
2024-03-31
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-16 -
2024-09-05
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2023-10-09 -
2024-11-07
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02
2023-02-09 -
2024-01-26
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01
2023-02-21 -
2024-03-21
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-10-06
a year crt.sh

This page contains 131 frames:

Primary Page: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Frame ID: A376029C53424DF03ACABFDF6B446FEB
Requests: 229 HTTP requests in this frame

Frame: https://www.shefinds.com/iframe-modal/
Frame ID: 3976D873EB59528B8F6F94669C8CE8B6
Requests: 35 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: E1C024630645289C6EAB5E1B3CFC6FD4
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1700701835806&lv=1
Frame ID: FA325A0E06A465D55BB65D604A1C9A40
Requests: 2 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: D89A71BC8D7737D6233DF127EAE1EFB2
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: BACF2FA7AA1EC584E731ED93661888CF
Requests: 21 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: BE3ED71227C4B1921B81A387412B3A17
Requests: 96 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 4B513D9C9CABAA621705E5316B7A45C8
Requests: 94 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: F38EC06A453E96FA625AD944C4AA2A2F
Requests: 94 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 0FF18BC00F2B791DBCC84635C58B0BD1
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 91A53E9CDC7B3D6572BD0893CD1F097E
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 1AFEE61E6A46A99A73611B644A6A9D63
Requests: 2 HTTP requests in this frame

Frame: https://p.annocdn.com/prebidlink/19684/j.html?i=11594
Frame ID: 72D41DFE84495F61877AB1256172A3C4
Requests: 20 HTTP requests in this frame

Frame: https://p.jcontentcdn.com/prebidlink/19684/j.html?i=11595
Frame ID: CF4209438F766DA845FB681D21C73D5F
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: A1E0353AADFDCC17BA82CD5A5652BAF8
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 661DEE14A1B35EC5C89D8A76EECC9C6C
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 0487E0369B878E36A934B21DB89E6226
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 22B1A93456900FBCE1FDB8A2EBBDC143
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 8C3841A457BC1F563D7AF7279EE80CE9
Requests: 2 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: A8DC85592D5670AB8453A766112AE69F
Requests: 1 HTTP requests in this frame

Frame: https://p.nodserving.com/prebidlink/19684/j.html?i=11600
Frame ID: DAC9033EE04252BC7227C1B16F60286C
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 5FB616A87B0AB3F4A439C5F363771CA0
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 3E58A740EFDEB88A3DAD6C62D6F9DF49
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: A7F14B0290045E1AE5F97CAEA3E98B40
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 59D778A169130860C770DD25A90DB752
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 76B0472C6EE10B218BD3273140B6409D
Requests: 1 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: 485A84EF37B5BF08DFFEBCD4290F7736
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: AD081744846B115D5089FE22B79546D1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 74CD7120464ECE4DA78F2F6C436022BC
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 6F8571238BA28A4154EAA2BD021F59BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: B7F11C7474C4CC3F626FDB948F531EF9
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 6250F82E8C82036FFF224D80F753DA4F
Requests: 3 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: 0961D07D959376129D3B43118A774688
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C38D7FFAF097F2672D8F525F17F04DEC
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 4BC36D05E4F693733F7120F52D50FA2F
Requests: 13 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: BBD947852FE9E45404890A77DFBA2BF7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 1088AB514B365514C373E45AC077B724
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Frame ID: 5C4DE1C4A7A971ADFBC73B4433D563CD
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 78A1DD499F791A78116F3CBF9B0F3AF3
Requests: 4 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: FC1ADD8FAC642B49E0A86D2668C62A59
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 0CB76D86C29D6DCA5E3D94AB27440785
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 5CD5D2006D11663FE9A0ED8AC5605585
Requests: 33 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 36B14ABFA403776937EC368601255DFB
Requests: 33 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: BB8E1D115311DEE3C2EA8D14B42E1454
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 7C4E4D06E847BF6510DFAD26EBDF5949
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 76D37C3E1C33496FDF464BCF39932F12
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2C9154E73A6C421951D1745B7DB2FB1F
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 95314C2607B2E0AC213F2908C62B4402
Requests: 4 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: B652D3533C26BDCA82F433963C5D9B99
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Frame ID: F29CC81A70BB6A397CE9265833A0C470
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: 447013101C22F643C8AA0A158244E4D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 57D3756C5AD7EE2622C84E48835BC0DC
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: 271838103AFE59BB612B3D718A5B84DE
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 105C5EB577462F3899379EC223263EA9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: C9BDA02FB81503C3EDB78FB9344A3FEF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 86B835662F0E3B8C14696D9D40609F3F
Requests: 4 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: 4B1D5CD2126E7C1875CD83C90BDDA820
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 1DB227912EBF686B744927BAE3F0A991
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 53159FCAAE909890E2CC9D67FA0757F0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Frame ID: 4A75D0126F80AC23581DACA975932F7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Frame ID: 7D5814BE1D4C050AC8B6B65A1D8F5A7F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E83256AAC69457AA0392931F713F9927
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 70F8BED163541233E2C48DB3C63C9617
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3ECE1CA56EB05380D533701132848A7B
Requests: 1 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: E3CDBD2D4511AC39B4BEC66333D1B6EB
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: CCE25059E8C29DBE571984F8DCE1FFA3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 5E0296E1B5A37DD4BB06DA5982F55A00
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700701839434&gdpr=0&us_privacy=1---
Frame ID: 26A931C1A6EF6FF9BECABDC0A4E1C3E6
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 9C5E476B8B7285601CAB51482AE0612C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 2DC7006B15181FC99FBD5075B67AB196
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 218F373D03010DDE158F83B5757DF484
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: 98741EBA8697A7DEEF460A3A1961D7A1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 99C9DA7007411E5A4A35A2457F555892
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: E0CAB3E622DF543079404D4155A0485B
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 8345BE1C1079749C4E45A3F2085A6DC5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0443F3AD3611ACE18C84327E00C02656
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F0F25901BE611A1F2811336A304EB0AF
Requests: 4 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 5E43BD97D2035730A97F144BD844C6ED
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6D1E9658056E90423E42ECFFA777EC67
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 99214D15AC25387BF356DC60F612A36E
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 3DC42760FC47AFA7FAB9E50402F418C3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 97C44446BEAB984BD4998198F8CB6481
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 8CFFC38FD2454D6DCD8C211F2F6CE7D8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A7053D8D79E75D077BA327556C39F1EC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 9CE0FEA05EFF805664AAEACB51A20B4D
Requests: 3 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: CFDC999FB9EAB80049AA1AD7932A4572
Requests: 1 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: E4073D10174CFD42191B6338B2070BFC
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Frame ID: B7DC83A1AA2C0DEA61EA7259737F7BE6
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Frame ID: 916DCAF9C4DB41B0AC715B5F5B1F986D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: B9D0105B5E3B232790512CF792D0E194
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700701839458&gdpr=0&us_privacy=1---
Frame ID: 7833ECCED5844F9D59A93B01567029A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 14B55B1D3F8CC9D3DFC8361FD1F657D6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: 23A9384CC5D1156FA5C594C8866CA43C
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 0F22A4342F7EC71C1C0C64B1F90487CA
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGoOP8CWAjycq14Z
Frame ID: 92D642184B3AADC9E3AD483BF07D8BA1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Frame ID: 20672EC67F37DB3F582D30C8F3195696
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: AE06C0076A661A2C86892212C07EFF32
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGoOP8CWAjycq14Z
Frame ID: 152FD88108E895667BBBA692077705DF
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.jcontentcdn.com/
Frame ID: 946F4ABE4725041188004FF1025BFC72
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.annocdn.com/
Frame ID: CC69328DF5317B81611572DA730AF7ED
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5327810569399153408&gdpr=&gdpr_consent=
Frame ID: 1BA82F373288F6B4BCFC1C7BC1FD6A25
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ZTg1NWQyZC1iNGZmLTQ2OGItODAzMC0wNDA2OTZlYTM0ZGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 282C1AA4EAF783B9D70B145725313666
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 2C54B909ECF638B8B60F69D0CAEAB46D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 01F1A434B4DC45B1C2350BA4E9B9D45B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8XYAALgqW9wAAAAA
Frame ID: 7A3DB7B70F99B5E98C5C646A5B7FA244
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Frame ID: E4CB4DD1FD07E9082CED26656A5F9205
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3F9FBE1AF40AE71BD7E1556B7035C3B6
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=7464508210251001830&gdpr=&gdpr_consent=
Frame ID: 8450D5842B602BBC2BFD8081C4AC8EB1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMzY2NmNjNS01MjUyLTRkMDEtOTk4OC1hMmRkZTg5NzliMzg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 92E92475D7D4EE845162073A697281BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F14FD58555221FEB5F9D09FF39D7DA45
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 8C2F13A8BFF5B296227F524FFAAACB8C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8X0AABYv8N8AAAAA
Frame ID: 51C10C3D27BC094C638E51F5C3CB4E6F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Frame ID: 5E8C6274924CF328B503898A718904BA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 358BC37D923D48DDE2153CC7749622DE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CD9560C06C76CDCD6CEE9255B0839CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: AC3317CCBA89BD5ACB3DA10C5C3E7223
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 822F9B6104FAE6713135646313723251
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: F67ED783EA2BB63A5043CF100F54888F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4707E5D47D9B36C31471F23427142C11
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: F0816BB2EEEC53DD6681A44407879D59
Requests: 3 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: 3A4A123A9AB3AD32C5D6CCC14A7E857D
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700701839460&gdpr=0&us_privacy=1---
Frame ID: E1C6211E9A92C99145183EB9DE62E011
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Frame ID: 91BB1F18DBABE9988557F92C526BD222
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 106BEE72E0EF947DD79047BB3D821014
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 76FD6C86BA3C9AA3315C20F72EA7EE55
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 9E0AF0369A990904B83B0DCA14D72CD5
Requests: 1 HTTP requests in this frame

Frame: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Frame ID: 84BEE22D8C0A0AF9E3F52EDBECFDC20D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Frame ID: 424A9004EB29BDD5C6AFFAF7270EFB99
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 2079B02923F3E35DF8DC978F24AABD3D
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 31FEC7C84394806B1C39C178948A07F4
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 42845B74F6320624AB43EC36B9E118B8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Doritos Chips Are Being Pulled From Grocery Stores Due To Undeclared Ingredients - SHEfinds

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com


Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

954
Requests

86 %
HTTPS

23 %
IPv6

132
Domains

213
Subdomains

155
IPs

9
Countries

17111 kB
Transfer

35698 kB
Size

133
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757539
Request Chain 33
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757493
Request Chain 34
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757480
Request Chain 35
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web&cs_uid=23bbe11ce77fd94dbd33881fd1795bdd HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757538
Request Chain 36
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757541
Request Chain 37
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757488
Request Chain 38
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757485
Request Chain 39
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757482
Request Chain 40
  • https://stripe.rs-stripe.com/branding/recommend/short.png HTTP 301
  • https://branding.revenuestripe.com/recommend/short.png
Request Chain 78
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 352
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BGDPR_CONSENT_STRING%255D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 355
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3F%252F%252Fsync.app.copper6.com%252Fcsync%253Fredir%253D%2525%2525YOUR_COOKIE_SYNC_URL%2525%2525 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 357
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1700701838373 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6331299860 HTTP 302
  • https://sync.1rx.io/usersync/turn/8360122921520775269?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8bec57a29061-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Request Chain 358
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Request Chain 359
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Request Chain 360
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Request Chain 366
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Request Chain 376
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Request Chain 384
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1283715812 HTTP 302
  • https://sync.1rx.io/usersync/turn/8288065327482847333?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8bec57a29061-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Request Chain 385
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjuTGgZKJt24TvbqFLAAA%261198
Request Chain 386
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Request Chain 389
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 394
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 400
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3244697517 HTTP 302
  • https://sync.1rx.io/usersync/turn/8432180515558703205?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8bec57a29061-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Request Chain 402
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Request Chain 403
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Request Chain 407
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 410
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 431
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Request Chain 569
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=86b173eb-f593-4013-ad26-5598746faf11 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=86b173eb-f593-4013-ad26-5598746faf11
Request Chain 577
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=e7cbabb0-505b-49bb-bf90-18fbd65efb49 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=e7cbabb0-505b-49bb-bf90-18fbd65efb49
Request Chain 591
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.annocdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jbLIwnwxeHJpT1BDMURlM0FyYWhpMW4wdXRjSEVYcDNKVi9BOFNNT1pUYjBudmk2OGk2enNNaTVodVdYZHhZQkJUTGMzMVRzTWtDUFBvdXFPZVRSWDM3Z1kwaXQrWlE3ak81WURVY25yYTB4bkMyaFZNcG44ejNyZ0hITng0U08yUXZsMTRHMEtmQnVWSTlWWDBsNk55aHdrN0VCc2t4T0RoQ24zZHNuY0NjTVkwUUdwczBTQjBuTXlFMzJ1UWNsVytYeFV6cXgzcVk1ZytMZEZnL3FBL3ZLbFExTVZvMmlWWnhyUE5ieXkrQTIrL3gyTVpmV01DaTR0ME9TZkZsTzJobGNKfA&cppv=2
Request Chain 598
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Request Chain 606
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.jcontentcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dqpAOXxBQStVdWxqKzBHbDhpbDRQRk9aYXNoN2x1eUc3SlpJT2drMUhHUzFQbjhVTHF2UzNmQ0dqNG5mR3RkR2RvdDRVZDBNRWhETk43NEV5OUZvSld6TTcyT2VMNW8rT0ptaXlzWXJ2Rk9NNmJ3TGFTWTlOV2hQT1ZhRWw0dVR2aC84OGFxbGk4eVZrUXdpYlNZQWZXTC8xN0ttN1d3WWlJT1dML25rOEtTajhMR3ZHQmtCT3ZIWTJsZEVKcmpGWjhyZ0QxZ2Q2dFQ5MTRVMEhxa3F1ZjYwVlNHbWMzS1pLT2VVQ0swM2o1bFZHT0lMS3Bvb0ZsOWpWendmdzIzR3NaRGFSfA&cppv=2
Request Chain 616
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Request Chain 619
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dabf742fe032a068b%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
Request Chain 620
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dabf742fe032a068b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
Request Chain 624
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Dabf742fe032a068b HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Request Chain 629
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 636
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=34e68461-c02d-4ac1-6351-b3057e58c27c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=34e68461-c02d-4ac1-6351-b3057e58c27c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 639
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7304458795934742686&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 641
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361&bounce=1&random=3169728394 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 643
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=34e68461-c02d-4ac1-6351-b3057e58c27c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 644
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
Request Chain 645
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nyn8YlUhiwYx35wBTEG6M1deXtyQ40iP%2BS41iYitP1U%3D
Request Chain 649
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361&_test=ZV6mkwABp5d5_ABU HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABp5d5_ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 650
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 651
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361&dcc=t
Request Chain 653
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 654
  • https://pixel.rubiconproject.com/token?pid=41544&puid=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 657
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=nntX-cl4W6-FewCozChPrJArA6yFKlGokSj7JBqL&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Request Chain 661
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dabf742fe032a068b%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
Request Chain 662
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dabf742fe032a068b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
Request Chain 666
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Dabf742fe032a068b HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Request Chain 669
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 674
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
Request Chain 677
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 684
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f9341ab5-dafc-42da-578f-2a3b998f439b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f9341ab5-dafc-42da-578f-2a3b998f439b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 687
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7304458795934808222&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 688
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b
Request Chain 689
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361&bounce=1&random=1922414163 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 691
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f9341ab5-dafc-42da-578f-2a3b998f439b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 692
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
Request Chain 693
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A4QziKzB3g8x35wBTEG6M5nUoEb1sauu%2BS41iYitP1U%3D
Request Chain 697
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361&_test=ZV6mkwABoVliuwAM HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABoVliuwAM&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 698
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 699
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361&dcc=t
Request Chain 701
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 702
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 705
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=tcN3X-LAewmuwyAO5s5vWbuTcAyuwiBb5ZNZ-s_m&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Request Chain 709
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bxiFWnx3TENieGFrTjk0NWFPaG02OHl0N3VXZThVdmFKQXpzOCtnZzJ2T2o0SlU1MVRub3JqdW5MNlpVeHk3NTVDWjlqY2wrazhUcDhTbWsyQ3lSUm1lMWhXa09ZYmQ4eHVsZlJoQW9UckhCZUxWbkFJMHRTNGlHT3o5RnZmZFpFSmgvbVBYZzJ0QWZvOEk2VGFOaHFzd1VBWWN2NDQ1MW1mVElmQ2hQMk00aEJibVUyZHhzWEhCYUpHcnZzQzl4SGFacjR6eEtDMmhaTXFOODhBMjhscFFvcFNtWDQ2MEVjQUoxbmR2a3dNSmlLU1RVPXw&cppv=2
Request Chain 717
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Request Chain 721
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 722
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 728
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304458795933497502&gdpr=0&gdpr_consent=
Request Chain 730
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Request Chain 731
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1&google_tc= HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMj_GjxF9tgBc0XQUeqfx2Y&google_cver=1
Request Chain 733
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Request Chain 734
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ad232de9-bca9-4b3c-a88d-fe0ff745e545&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N0pKZzZQbXV4WHFJTXg4bXlwVlMyQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Request Chain 737
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Request Chain 738
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi&tc=1
Request Chain 742
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Request Chain 743
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&google_hm=YTE4Nzk5Y2ItNWY1OS00MGZjLWJkM2YtMTU4M2ZlODdjN2Iw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Request Chain 747
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 753
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D05014bea-0d1a-407f-4775-56a31540b29a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
Request Chain 756
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b0228b5be9b6460fa731189bdbe24492 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b0228b5b-e9b6-460f-a731-189bdbe24492 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%253A1700701844.201286%26_%3D1700701844.203331&cb=1700701844.2033691 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329716308519&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%253A1700701844.201286%26_%3D1700701844.203331 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&_=1700701844.203331
Request Chain 758
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV6mjkoPYbSZosfd0TjSlQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf98GDj1-20BLiAgIcGUY4&google_cver=1
Request Chain 759
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNNLbgg6zG1JlwC2x6gH7Q&google_cver=1
Request Chain 761
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=855584585918&us_privacy=1---
Request Chain 768
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1egP9nwwdGJhZWdtenJTRDBFdjVyUmtIRXREb2dwanZtL3RObFNZV3pDWG5tMVVwL29pQ1R4Nkd6b3FDSlhENitjL3Y0ZC83cHFidWZpeUN1R0RKOUJEZitlSnFnWUU2TjVPTXBrbU1VRDlMa0VoVUlqL3pNcDU5dmY3enhFNnNvUUo0dE9qbE11M2kyclNJcC9CcFdCdHAzbVU1ZlFJNUJCdFZsbFVURk1MQzZlZnVaV3g5a2J0d1IxQS9ld3hIYlVwMFE2TllkbzgrakVXRlNWdlZiRmg2ZEcrelNadFFCd2MzQStlUHFLQ0s4OVUzMVkrc0p1YWdaZE8rVU56L05IZlpBfA&cppv=2
Request Chain 775
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 781
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 784
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Request Chain 789
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Request Chain 790
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ad232de9-bca9-4b3c-a88d-fe0ff745e545&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=djdhb2VrcU8zVTAyVmh4bGpTbEU4Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Request Chain 792
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Request Chain 793
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1&google_tc= HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
Request Chain 794
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&google_hm=YTE4Nzk5Y2ItNWY1OS00MGZjLWJkM2YtMTU4M2ZlODdjN2Iw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Request Chain 796
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Request Chain 797
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
Request Chain 799
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Request Chain 802
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZV6mkwABqHbi3QBH HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV6mkwABqHbi3QBH&gdpr=0&gdpr_consent=&_test=ZV6mkwABqHbi3QBH
Request Chain 804
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACdYk7KvU0AABK9vc6yJA&partnerid=127&gdpr=0
Request Chain 805
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
Request Chain 811
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d34167401ddd484f81c4c7646e157d0c HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d3416740-1ddd-484f-81c4-c7646e157d0c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da610202f-416f-4b94-a789-ad8a4c335e2f%253A1700701844.058535%26_%3D1700701844.067758&cb=1700701844.0678093 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329716308519&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da610202f-416f-4b94-a789-ad8a4c335e2f%253A1700701844.058535%26_%3D1700701844.067758 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&_=1700701844.067758
Request Chain 814
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1716426643&external_user_id=eb31808a-d0da-4d47-8289-ed3f58437407
Request Chain 815
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFTDaywyF0bUzoZsq1RWuR4&google_cver=1
Request Chain 817
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8360122921520775269
Request Chain 818
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=86bc1113-1113-4eb3-b372-9eb8000d3cd8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 829
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3Dc3f546e4-eb42-463f-548b-42d90226f080%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
Request Chain 856
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Request Chain 857
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Request Chain 861
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
Request Chain 862
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4e855d2d-b4ff-468b-8030-040696ea34de&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Request Chain 864
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Request Chain 865
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
Request Chain 866
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=982d105c-ecab-4c16-aa53-33e800b6d8b9
Request Chain 868
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4e855d2d-b4ff-468b-8030-040696ea34de&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 869
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8BYAYhoRWDZP&ev=1&pid=558355
Request Chain 872
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
Request Chain 873
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_13666cc5-5252-4d01-9988-a2dde8979b38&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c71ac20b-29df-4fbc-99a8-fb3695f0bdbe&expires=1&user_group=2&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&us_privacy=
Request Chain 875
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Request Chain 876
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
Request Chain 877
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b5f685b8-37fa-4b5c-95d5-5cecdffb19cf
Request Chain 879
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_13666cc5-5252-4d01-9988-a2dde8979b38&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 880
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=YwdHHfnVEujv&ev=1&pid=558355
Request Chain 886
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5327810569399153408&gdpr=&gdpr_consent=
Request Chain 890
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8XYAALgqW9wAAAAA
Request Chain 891
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Request Chain 892
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 893
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=7464508210251001830&gdpr=&gdpr_consent=
Request Chain 897
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8X0AABYv8N8AAAAA
Request Chain 898
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Request Chain 899
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 900
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=uggj73wxeWdnRzRHcURBNTQ5emczZUNGdXh2T2xkbTViTFhNU09naisxdk1NTmpCN1VDQUV5VHRsb0EwU1NjVmJURzBwSkVtb3R6TE43Zi82SHZkcVFJL1JOVG1SZndyMXVGUlVzZWVMb0NOVklmUTk4ZHNLaGNIY0twUjZZT3dwcTlxcEZ5c3VsZGhnd3hGMW1COTFZeXhaV3d1YTlMZENGQzRBT09GcVpBYTBvUmMydTB3bW8zeGFRM1ZpR1VheE9FbUIyRWJrMjNvVjBKZlU1TnhSNWs4ekJIM0FTbGw5WW5OZDRqOFlxU1ZQcE5JPXw&cppv=2
Request Chain 912
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Request Chain 916
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25 HTTP 302
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%% HTTP 302
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Request Chain 918
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 919
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322329716308519&expires=30&ssp=sonobi
Request Chain 920
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
Request Chain 922
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Request Chain 923
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Request Chain 925
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Request Chain 926
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cdf5c95b-b35b-499f-a061-ced33c0f0dce&gdpr=0&gdpr_consent=
Request Chain 927
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent=
Request Chain 928
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7672818372472082626&gdpr=0&gdpr_consent=
Request Chain 929
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fcc35494-4c25-4052-8fd4-c7b306b4a6fb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RzZDWTcyRTZQemlJdjFQeHBNR1dsQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Request Chain 931
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENO0PlirjFA2VPnvs1tXlPg&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 934
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmNjMzU0OTQtNGMyNS00MDUyLThmZDQtYzdiMzA2YjRhNmZi HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
Request Chain 963
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Request Chain 964
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249

954 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
114 KB
20 KB
Document
General
Full URL
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
821c34d21b6bcfd65b594018bbaf5a32149d24b23ded63b5f83f5e550984e138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600, public
cf-cache-status
DYNAMIC
cf-ray
82a5887cacdb383e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:34 GMT
expires
Thu, 23 Nov 2023 02:10:25 GMT
last-modified
Thu, 23 Nov 2023 01:10:25 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/?p=908459>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
WGoWfUPXoC75537_vsscjA4CbkU.js
www.shefinds.com/cdn-cgi/apps/head/
4 KB
2 KB
Script
General
Full URL
https://www.shefinds.com/cdn-cgi/apps/head/WGoWfUPXoC75537_vsscjA4CbkU.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5628229884a0fd601c319c1e67e71b3f2f05d3ebaa31c5adaeadf3580935d614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
x-amz-version-id
ILm7bpiO6Dv6feKWzVQHiJNrCWDBckpq
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 15 Oct 2023 00:37:16 GMT
server
cloudflare
x-amz-request-id
Q0QRE9Y6Y70GRRA6
age
930535
etag
W/"9717cfd1eb23bc7bc1fff71cc50ef2d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82a58882f97c383e-FRA
x-amz-id-2
8RHCGuF/EvOLPMjsBQ3pItpFws8BasADnTm7dY38jL5Epl2GVSyNgcv6PlMjP5qiDtfzDXDGdFQ=
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/
10 KB
4 KB
Script
General
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
via
1.1 df950c8670c9d795c825a74bce398a40.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
d2c4d00fafb74ab4b89bb94cd33e5228
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1699293384856
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
7e7e3d09f194455ebea9569633c970d9
x-mrs-age
50743
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy2, cache-yul12827-YUL, cache-fra-eddf8230067-FRA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1700701835.753232,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
AumBTufTVbc-Dix-gzpJsoeJJkBGXK4Ppxfc_WRtkKaWKbpVu7uAsw==
x-cache-hits
573, 7
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/
53 KB
5 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.6
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f973383e-FRA
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1282924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMUGDblqpkJKc%2FyRj%2FAk%2Bhq6JDcjZ0DKvoxxTyUgadvLvPFM82f6BG%2BrxDeuUMnZiqg4qbczMBQlgzrS1Mt0AiYGQ6UqAZtPC4xJ2Q19VF%2FHkeeLHjjRunU6JWOlH081bS4PDbo1tKxbmkbdhEV9PzXC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a588831cf66ae0-FRA
expires
Tue, 12 Nov 2024 01:10:34 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/
730 B
1 KB
Stylesheet
General
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Thu, 23 Nov 2023 01:10:34 GMT
via
1.1 varnish
x-amz-request-id
tx00000305b7d5fcb9b12a6-00652a7cea-7a12c4e8-nyc3c
age
88073
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
x-amz-meta-surrogate-control
max-age=604800
content-length
730
x-served-by
cache-fra-etou8220022-FRA
last-modified
Thu, 06 Apr 2023 15:46:21 GMT
x-timer
S1700701835.752399,VS0,VE1
x-amz-meta-tn-allowed-domains
http://shefinds.ctpusdev.com
etag
"228cb88d245a31343060024e93e4d9ad"
x-amz-meta-surrogate-keys
license-236229 projectlicense-10469 project-2101
x-hw
1697283306.dop151.fr8.shc,1697283306.dop151.fr8.t,1697283306.cds159.fr8.p
content-type
text/css
access-control-max-age
0
access-control-allow-methods
GET
cache-control
max-age=600
x-rgw-object-type
Normal
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/
115 KB
21 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f974383e-FRA
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/
19 KB
4 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f975383e-FRA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f976383e-FRA
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f977383e-FRA
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f978383e-FRA
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f979383e-FRA
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/
17 KB
3 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f97a383e-FRA
single.css
www.shefinds.com/wp-content/themes/shefinds_14/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single.css?ver=1.0.4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fd56632b4b07ce2bd408199103760876ef5366d846cdca5b184e04f456eb21d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Jun 2018 06:15:00 GMT
server
cloudflare
cf-polished
origSize=19885
etag
W/"5b35ce64-4dad"
vary
Accept-Encoding
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a58882f97b383e-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:17:43 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/
31 KB
6 KB
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a58882f980383e-FRA
collections.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/
2 KB
698 B
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/collections.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f52c83d011c40ab1b778bd0f6149e2065c85248d97c472dbeea3bdeb18d77d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2018 14:53:29 GMT
server
cloudflare
etag
W/"5a82fbe9-6ab"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a58882f982383e-FRA
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/
67 KB
22 KB
Script
General
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Date
Thu, 23 Nov 2023 01:01:01 GMT
X-Amz-Cf-Pop
FRA60-P2
Age
1134
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
YlICPOjYXk0az9pe67EiNHP_Gm4hPNWNqiLYV-hKykju5RrsKcSjXg==
js
www.googletagmanager.com/gtag/
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8afb0845c530fb78990eadc29feecd715697189417614dfc9bea750c3e7d5f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 01:10:35 GMT
blogherads.js
ads.blogherads.com/static/
6 KB
3 KB
Script
General
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89362be4dd30a8430ed44d421b6060fd94b488dfcb1f89da2f796d883bad53d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2EFKCTSW3ADK125A
age
202
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
51zuUI6MIs+UM/oRwX9ChP7d3Z+avO5cJvz610cW+12QZkGRQIw6ZWLw174nvpVgniWdN/6FMTE=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 16 Nov 2023 23:37:50 GMT
x-timer
S1700701835.202819,VS0,VE1
etag
W/"7d407c46fda7c580c77f61009d88d235"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
1
header.js
ads.blogherads.com/bh/41/412/412983/2498530/
5 KB
3 KB
Script
General
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/header.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7437a15e788cd39c4ed502ae5624e7e6080fefda5d718e97ab056ddf76943efd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
5805DDFJWNWV7X7Y
age
190
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
xsBc1vaP+5B5aKy53/VKC8fgrklR9U7g9l4gdW9Yqn43pX5iiY00RaDzAQDvr3sbPyWGS9skbY8=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 23 Nov 2023 01:02:10 GMT
x-timer
S1700701835.202824,VS0,VE1
etag
W/"12cef1b94e4de9dde0930eafe911abda"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
1
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
950138
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82a588833a523730-FRA
cdn-requestpullsuccess
True
load.js
s.ntv.io/serve/
619 KB
164 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.36.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-36-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Content-Encoding
gzip
x-amz-request-id
WN69TQ5F0WN8DN68
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
66rwX1OhibIrAJkqUURBQ9+o/XGvGVrVJN5/9UGspDTrBSPlEAStcW3yXxrkbJ2jbvAtCV2sz0E=
Last-Modified
Wed, 15 Nov 2023 00:44:41 GMT
Server
AmazonS3
ETag
"4fbba8ffe8ed5e2e12f43893b989ffc1"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
menu-ico-new.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
124 B
249 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/menu-ico-new.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
cf-cache-status
HIT
age
2185
cf-polished
origFmt=png, origSize=214
x-powered-by
PleskLin
content-disposition
inline; filename="menu-ico-new.webp"
content-length
124
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-d6"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58883098e383e-FRA
new-logo-mob.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
2 KB
3 KB
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-logo-mob.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
cf-cache-status
HIT
age
2185
cf-polished
origFmt=png, origSize=3557
x-powered-by
PleskLin
content-disposition
inline; filename="new-logo-mob.webp"
content-length
2364
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-de5"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a588830990383e-FRA
sub-new-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
216 B
382 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/sub-new-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
age
2186
cf-polished
origFmt=png, origSize=380
x-powered-by
PleskLin
content-disposition
inline; filename="sub-new-img.webp"
content-length
216
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-17c"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb2e383e-FRA
woman-bent-over-in-stomach-pain.jpg
www.shefinds.com/files/2023/11/
229 KB
230 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-bent-over-in-stomach-pain.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e573fed8218a29803c9417b297cab4d28589268a8444836722c383559b70c572

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 22 Nov 2023 22:15:55 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=247952
vary
Accept-Encoding
etag
"655e7d9b-3c890"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a5888329a0383e-FRA
content-length
234644
woman-looking-at-a-jar-of-flour.jpg
www.shefinds.com/files/2023/11/
262 KB
263 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-looking-at-a-jar-of-flour.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
296937a07275f36035eac29734ab659b098a874d843c66e35ebef458dd5c8ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 22 Nov 2023 03:56:32 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=281966
vary
Accept-Encoding
etag
"655d7bf0-44d6e"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a5888329a2383e-FRA
content-length
268736
woman-eating-thanksgiving-vegetables.jpg
www.shefinds.com/files/2023/11/
303 KB
303 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-eating-thanksgiving-vegetables.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
40572149e4510bdb15e75a66743498c5bcba5c3975ba2d34419aac7b06d36a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 21 Nov 2023 22:25:17 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=324864
vary
Accept-Encoding
etag
"655d2e4d-4f500"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a588847a68383e-FRA
content-length
309762
Doritos-Nacho-Cheese-bag-on-display.jpg
www.shefinds.com/files/2023/08/
345 KB
345 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/08/Doritos-Nacho-Cheese-bag-on-display.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
340700e051b71c0cc9ca6574192583b6d16fe9f5a66afb1ae07a22e7de394f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 14 Aug 2023 17:14:15 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=365663
vary
Accept-Encoding
etag
"64da60e7-5945f"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb2f383e-FRA
content-length
353100
Best-New-Beauty-Awards-2023-top-photo-1200x1200-1.jpg
www.shefinds.com/files/2023/08/
233 KB
233 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/08/Best-New-Beauty-Awards-2023-top-photo-1200x1200-1.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
082716f79dd5be3b8c16af34f54840685842cf86250a8b7fb0096ef04ebca04a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Aug 2023 16:47:55 GMT
server
cloudflare
age
6190
x-powered-by
PleskLin
cf-polished
origSize=254021
vary
Accept-Encoding
etag
"64ee213b-3e045"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb31383e-FRA
content-length
238591
Doritos-chips-bags-on-shelves.jpg
www.shefinds.com/files/2023/08/
210 KB
210 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/08/Doritos-chips-bags-on-shelves.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
89bf37d6f4e3726d63d0f0b8af1b4da7a90a0e87f99252956a40f00508c2353f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Mon, 14 Aug 2023 17:14:13 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=224619
vary
Accept-Encoding
etag
"64da60e5-36d6b"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb32383e-FRA
content-length
214803
Doritos-Nacho-Cheese-bag-view-inside.jpg
www.shefinds.com/files/2023/08/
106 KB
106 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/08/Doritos-Nacho-Cheese-bag-view-inside.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fe40e7a743fad22ac7f7ae610963c6d35ec483d4fadaf4368dadf4857f630f5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Mon, 14 Aug 2023 17:14:22 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=114278
vary
Accept-Encoding
etag
"64da60ee-1be66"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb33383e-FRA
content-length
108491
757539
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757539
48 KB
48 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757539
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2047e0eedac1ff5ff206229050768b94e116cb0dcbc9437407cb2408030ac99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:38:02 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1955
etag
"28cf030ee690ae2afd943a3f14afb996"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
48683
x-amz-cf-id
gYCq3BTP5Nqh5ZmPKClWby-XtyvdgBx8EDZsr2EHkc4-rg6HJGoFEQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757539
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757493
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757493
44 KB
44 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757493
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb3f623b60fe8fff9b7f92735e06fd2a8d6142aeba28bc80af83897149ad6f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:38:02 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1955
etag
"ec5d15aeb5f564a37ecb0bc20f342e0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
45022
x-amz-cf-id
qms3r4URq6JOGIQGoaekbUAfwmb1KVugKjZe1fa9lraGHh67nBPyCA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757493
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757480
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757480
44 KB
44 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757480
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d755760a25a3252ba4da7d35ecc29e8386e192f0048ca4c0fc1ddd0eebe2e514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:18:36 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 21:59:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
3458
etag
"c1af37770bf46306e127e00f15473dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
44620
x-amz-cf-id
6iSaciWllZBOgsLfg3ckvWuuwi2O5k-baAyNevJcuoSliKZ2Uq_Sqw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757480
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757538
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web&cs_uid=23bbe11ce77fd94dbd33881fd1795bdd
  • https://images-prod.powerinboxedge.com/v3/images/3682/757538
52 KB
52 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757538
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb5452a94fc36817c3c0af8d5695cb2419c5ca657cd2c96bb7fd716e0b357874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:38:02 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1955
etag
"6f9eddcc684620838879957700ceffd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
52885
x-amz-cf-id
z-XMxA8baoqeY_pWvpS7-ElXb-WWHkZrBIpPnDm58QwVqad0zTwrog==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757538
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757541
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757541
54 KB
55 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757541
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84cd6a23d847207eb22b37c64936ad869260857f9e278ba9aeb1bb632eda7bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:18:36 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
3458
etag
"0bbf6f3b01982856d9c902d91ecf86a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
55577
x-amz-cf-id
xLn7wLYpkc1hs1pbFNTiRNB7ziwNUizrduB6f5G21Tb-S__Bzw5IHg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757541
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757488
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757488
47 KB
48 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757488
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ebde7060dcf9c2db0f9d8120e37ddcc61a0039b3df9ffda4b40149a3c4b9cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:47:59 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1378
etag
"f63c99dddc0e52c9224aa5196a473d2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
48592
x-amz-cf-id
A9MSWBo8aENxbmuynwMji7cvWQXs7WGT7rD6UZfAfIb6jVoZlRaeOQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757488
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757485
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757485
45 KB
45 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757485
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deee441222f235a938a5f9cb539e54ae4c843da183616ce60757418f63bfa4a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:18:36 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
3246
etag
"686c151abbbdd94198ecddd92f76d658"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
46103
x-amz-cf-id
XLqyiRjfy9odbVdZzHUsY-z6Gk22yhbj3n7wG6TkiZlx9j0w_0V20A==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757485
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757482
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757482
39 KB
40 KB
Image
General
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757482
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
130b7819ada9d9370881235a1ca9d2437141714b97418e00d081c773058ed802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:04:59 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
338
etag
"0b08cc7fffdc7d106fd03d89033fb263"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
40104
x-amz-cf-id
JXjC57b4KTMw1-QYaWtl1rM7vFDF01fVhB3EP08Che8EM4uJWwoowg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757482
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
short.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • https://stripe.rs-stripe.com/branding/recommend/short.png
  • https://branding.revenuestripe.com/recommend/short.png
872 B
1 KB
Image
General
Full URL
https://branding.revenuestripe.com/recommend/short.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
18.173.187.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-61.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:35:08 GMT
via
1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 22:16:11 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
455728
etag
"69de7bae23dafcc7e38c4e59445aa693"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
872
x-amz-cf-id
zDBSvQbXPMfCdofqoMdJXF5O3wz-8yRrnkvP-zthbITdhzgqOblzWw==

Redirect headers

location
https://branding.revenuestripe.com/recommend/short.png
access-control-expose-headers
Request-Context
cache-control
private
date
Thu, 23 Nov 2023 01:10:35 GMT
request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length
171
content-type
text/html; charset=utf-8
email-decode.min.js
www.shefinds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
835 B
Script
General
Full URL
https://www.shefinds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
W/"65568fe4-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
82a588854ad5383e-FRA
expires
Sat, 25 Nov 2023 01:10:35 GMT
sp_BbylgSbK
launcher.spot.im/spot/
89 KB
22 KB
Script
General
Full URL
https://launcher.spot.im/spot/sp_BbylgSbK
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
824dc2e405c8a9efa591855e9f5fbf3d207421989d5c771c5d3b6167a8ae7cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
pidWWZhQ6BGbjUZsUnhc9b7lEev5gmuG
content-encoding
br
via
1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 01:05:43 GMT
x-amz-cf-pop
MUC50-P1
age
293
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22168
last-modified
Wed, 22 Nov 2023 13:30:53 GMT
server
AmazonS3
etag
"45d1b66c15844d37a6d3ab2f7867e383"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
CnZEptLxXBqEx2hac6Qxt6GlXUhD-R_Baz5Rnf4FhxuFjb_Pn48IIw==
woman-in-colorful-workout-clothes-with-water-bottle.jpg
www.shefinds.com/files/2023/11/
133 KB
133 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-in-colorful-workout-clothes-with-water-bottle.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0c76817348da95aa12b086a2d8dc71b98f4fcd4bf68eef15ab363216df3fb76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Nov 2023 18:25:12 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=146490
vary
Accept-Encoding
etag
"655ba488-23c3a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb34383e-FRA
content-length
135843
woman-serving-a-lattice-pie.jpg
www.shefinds.com/files/2023/11/
228 KB
228 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-serving-a-lattice-pie.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a26e067834e18dd1bea3b57416a433c8934b93df99bd733a0885871ff1c13cf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Nov 2023 19:39:29 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=246927
vary
Accept-Encoding
etag
"655bb5f1-3c48f"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb35383e-FRA
content-length
233005
wegmans-storefront-2.jpg
www.shefinds.com/files/2023/08/
419 KB
419 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/08/wegmans-storefront-2.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
aaa1e213c95a21c9432ab75c3ec6b1aa17e2856eef68375a102516ebaba469fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 21:25:13 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=442706
vary
Accept-Encoding
etag
"6557da39-6c152"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb36383e-FRA
content-length
428875
woman-eating-popcorn-by-christmas-tree.jpg
www.shefinds.com/files/2023/11/
225 KB
225 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-eating-popcorn-by-christmas-tree.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
84af1033b3671c129e4adfe9036316bf02e75b0f5f2ab60256a52fa2977042bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 23:13:40 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=243227
vary
Accept-Encoding
etag
"6557f3a4-3b61b"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3a383e-FRA
content-length
230156
woman-cooking-with-herbs-and-spices.jpg
www.shefinds.com/files/2023/11/
140 KB
141 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-cooking-with-herbs-and-spices.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5c045a8c5c1c36e4927d7dd41b74da523935c54931e7f68e4d6741b2ecb0cb50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 19 Nov 2023 04:54:45 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=155546
vary
Accept-Encoding
etag
"65599515-25f9a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3b383e-FRA
content-length
143656
Wendys-sign-2-1.jpeg
www.shefinds.com/files/2023/11/
210 KB
210 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/Wendys-sign-2-1.jpeg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f940535356fd21d81c65c9fa87d37269359bf43105d53aef61f185edcaf5e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 23:10:36 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
status=not_needed
vary
Accept-Encoding
etag
"6557f2ec-34613"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3c383e-FRA
content-length
214547
Aldi-Store.jpg
www.shefinds.com/files/2023/11/
309 KB
310 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/Aldi-Store.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
637cdc836b3fa959f7edabe4148bdb1c02d997cc95c2e03b89b4ebafd5fcdb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 16 Nov 2023 21:25:24 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=331016
vary
Accept-Encoding
etag
"655688c4-50d08"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3d383e-FRA
content-length
316657
Shutterstock_762851593.jpg
www.shefinds.com/files/2023/11/
479 KB
480 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/Shutterstock_762851593.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
62f3ac28c0d5075ecf4c13c999e87420f6b448b8f5c9045e467f30a6d24609a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 19 Nov 2023 01:29:45 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=523555
vary
Accept-Encoding
etag
"65596509-7fd23"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3e383e-FRA
content-length
490428
glass-of-turmeric-tea-with-turmeric-root-beside-it.jpg
www.shefinds.com/files/2023/11/
188 KB
188 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/glass-of-turmeric-tea-with-turmeric-root-beside-it.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c383852daa607bf6ac148a3108eb325cc71a8f103fda6af7db0b56a4dd91feb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 22:45:10 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=204178
vary
Accept-Encoding
etag
"6557ecf6-31d92"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb3f383e-FRA
content-length
192215
womans-hand-with-bowl-of-oatmeal-with-berries-and-banana.jpeg
www.shefinds.com/files/2023/11/
582 KB
583 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/womans-hand-with-bowl-of-oatmeal-with-berries-and-banana.jpeg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a1141a71ff46a7ece7c7dbb531cb2b57e8a4a6ce75f6792e6eb807adb16fe59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 16 Nov 2023 23:01:15 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
status=not_needed
vary
Accept-Encoding
etag
"65569f3b-9196e"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb40383e-FRA
content-length
596334
packaged-deli-meats.jpg
www.shefinds.com/files/2023/11/
417 KB
418 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/packaged-deli-meats.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7366ee4721b164427706441c07c16ab00417d713cf374ac2fc0964d0b34a1030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Nov 2023 22:30:46 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=441043
vary
Accept-Encoding
etag
"65593b16-6bad3"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb41383e-FRA
content-length
427164
Baskin-Robbins-illuminated-sign.jpg
www.shefinds.com/files/2023/11/
211 KB
211 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/Baskin-Robbins-illuminated-sign.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3c4b41b93f0873e5ec379c5af6650c0159ddacdfaf4bcf4054f2666ac656d43b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 16 Nov 2023 20:31:23 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=230410
vary
Accept-Encoding
etag
"65567c1b-3840a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb42383e-FRA
content-length
216194
Trader-Joes-snacks-1.jpg
www.shefinds.com/files/2023/11/
564 KB
565 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/Trader-Joes-snacks-1.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6d43018113c5dc037b8a1c1bfd256dac3c82d2660c1d6a535a5e5e671eade231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 17:55:33 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=593985
vary
Accept-Encoding
etag
"6557a915-91041"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb43383e-FRA
content-length
578044
new-products-at-trader-joes.jpg
www.shefinds.com/files/2023/11/
390 KB
390 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/new-products-at-trader-joes.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
eed789e7449cadf4d11e454a10e13d0b033216042c93858f45e63a012c57b928

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 22:43:03 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=412966
vary
Accept-Encoding
etag
"6557ec77-64d26"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb44383e-FRA
content-length
399041
woman-eating-breakfast-using-cell-phone.jpg
www.shefinds.com/files/2023/11/
281 KB
282 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-eating-breakfast-using-cell-phone.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6105f4e1b44b163b380cd3e96e91448900b006026415bfe057461c24b30b587d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Nov 2023 05:04:47 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=302534
vary
Accept-Encoding
etag
"655845ef-49dc6"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb45383e-FRA
content-length
288090
sports-drinks-at-target.jpg
www.shefinds.com/files/2023/11/
335 KB
336 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/sports-drinks-at-target.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
541b8820c59df0c1a8112dc7d874a3d1518b293bb3c9550806dd0eff76e81345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 22:33:01 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=357420
vary
Accept-Encoding
etag
"6557ea1d-5742c"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb46383e-FRA
content-length
343151
woman-smiling-eating-chocolate-ice-cream-cone.jpg
www.shefinds.com/files/2023/11/
221 KB
221 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/woman-smiling-eating-chocolate-ice-cream-cone.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
349290f0c46886bf1de4d4b5d59d24ca740859d4493f9fe948d2e6857705a68c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Nov 2023 23:33:16 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=241715
vary
Accept-Encoding
etag
"6557f83c-3b033"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb47383e-FRA
content-length
226138
McDonalds-drive-thru.jpg
www.shefinds.com/files/2023/11/
260 KB
260 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/McDonalds-drive-thru.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e285276284316eafc148388dbed88329f376f0856d4081680649d954687d4746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Nov 2023 20:01:21 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=276481
vary
Accept-Encoding
etag
"65552391-43801"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb48383e-FRA
content-length
265742
trader-joes-fall-gourd-display.jpg
www.shefinds.com/files/2023/11/
501 KB
502 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/trader-joes-fall-gourd-display.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1eb1ad52e9104b08bf2d36b7f314fb7b0cc0271431ba238629deb3db4af14271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 Nov 2023 22:25:23 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=529893
vary
Accept-Encoding
etag
"6553f3d3-815e5"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb49383e-FRA
content-length
513444
two-friends-cheersing-fresh-fruit-juice.jpg
www.shefinds.com/files/2023/11/
165 KB
165 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/11/two-friends-cheersing-fresh-fruit-juice.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b69300546b7e4c3652abb6efd24e614261049e04f01de0f3dccf0c58499924c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 16 Nov 2023 23:37:45 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=183569
vary
Accept-Encoding
etag
"6556a7c9-2cd11"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb4a383e-FRA
content-length
168593
lightbox_inline.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/
2 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox_inline.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:24 GMT
content-md5
wPc9Z2CqzUpAOBQXevQ37w==
server
cloudflare
cf-polished
origSize=2379
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
c59f44a6-201e-0015-5f13-15daa9000000
x-ms-version
2009-09-19
cf-ray
82a5888599839256-FRA
basket.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/
188 B
211 B
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/basket.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
etag
W/"5d691a1c-bc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a58885cb2b383e-FRA
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/
5 KB
1 KB
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a58885cb2d383e-FRA
onejs
z-na.amazon-adsystem.com/widgets/
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-93-105.muc50.r.cloudfront.net
Software
Server /
Resource Hash
0b9b5c5fc4114c994452c3659a20cbf0618d815d9eb2b74d3f53ad7b2d832e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
Public
date
Thu, 23 Nov 2023 01:07:25 GMT
content-encoding
gzip
via
1.1 a7322dae74179db004d6fbdc1e7dc03e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
age
190
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
4bGgf0gatu5wj7NOw5hzLHjwE2QnaKxKCfVqurzgGKyuma6s_Ss4ww==
expires
Thu, 23 Nov 2023 01:12:25 GMT
shefinds-shefinds.js
widget.sellwild.com/shefinds/
79 KB
30 KB
Script
General
Full URL
https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:07:08 GMT
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Mar 2023 06:21:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
522208
etag
W/"9a3ac0f83e15e5f11c7e9ee7cfba83a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1209600,public
x-amz-cf-id
38SMvZ6pon9jodVB2RrLUMvIYNz8TGCTn4CvMwkGoiFcT9ugA1qf2w==
fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
www.shefinds.com/cdn-cgi/apps/body/
1 KB
749 B
Script
General
Full URL
https://www.shefinds.com/cdn-cgi/apps/body/fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/cdn-cgi/apps/head/WGoWfUPXoC75537_vsscjA4CbkU.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7585e4b54edee5dd7ecb17bd243463a8647ff6c6cf434cedd242eea88f4d087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
x-amz-version-id
hrN_Z86IF41Y7Jqm.Ol5vH4fIEz6F4H4
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 15 Oct 2023 00:37:16 GMT
server
cloudflare
x-amz-request-id
PWX6XQ2KW51TTRKK
age
1286762
etag
W/"563213b8f416bb0c45fe289730acba5f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82a58885cb4c383e-FRA
x-amz-id-2
x3yZalLRTpWp3/6DtTLKBJVcnIt/HF3LBXiTLiO2lz7+cNwcIZNeBKtHksLC+qEG78SSxlJlB/4=
main.d.js
bc.marfeelcache.com/www.shefinds.com/
13 B
472 B
Script
General
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
24b0fa229be241b58a4289c76b5347a1
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HS
x-mrf-rendered
1698042727944
x-mrs-age
16
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy1, cache-yul12833-YUL, cache-fra-eddf8230067-FRA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1700701835.164273,VS0,VE1
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
n7VbPTwViSHWfgH3RbZFFf_o6w-UtaUpZ6d2JppiZA3qsdas8syIYg==
x-cache-hits
362, 1
resolve
people.api.boomtrain.com/identify/
81 B
402 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.93.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-93-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/
81 B
402 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.93.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-93-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48b73010b783a8a7f6350de94bb976e2bab025a75bc36d5a975c42b3775994e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 01:10:35 GMT
content-md5
DUnbJHFh1ISrH+DLd9g/mg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
FrAtq3DC2LpnZUYVhCx85JUJ673pDZG7mxMgrhv5knH+EJyWHFCeu46HfEbC2EoXVwTNjwDMO1NiKdeVhryuVw==
x-fb-content-md5
40855b4d35865207bd87b660fc26be63
cross-origin-opener-policy
same-origin-allow-popups
etag
"d23d8403ab21a4691f16f7f473801d56"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:17:39 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Nov 2023 01:10:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
VoqTiK5xdz6EReu5tACDOSL1shw07xQ3wdG8zxMUoBA+1uHPyD7aXBNGnjMHl8oLmQR8kJeJXuftwIvRCuPeVg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
shefindsmedia-lifestyle_tag.js
d3ezl4ajpp2zy8.cloudfront.net/
0
0

shefinds.js
static.bam-x.com/tags/
152 KB
42 KB
Script
General
Full URL
https://static.bam-x.com/tags/shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:01:09 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 16:42:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1677
etag
W/"eb4fce974f8ba34fb9a68d7736fa02d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Nb3JoQ8F3caBfyNi93WXzmIUwe6r2nyGjk3cQ_-VW4aQxfqa_PJ6zQ==
hotjar-368258.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-368258.js?sv=5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-117.muc50.r.cloudfront.net
Software
/
Resource Hash
ae69be93b147b0c410ac3310c62970cad5c177516dffc0877241ba3a16bf0889
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 3ddbbcaacc1ba68ddfab04ef45c3ca98.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/52ca5c3b9e0b9f6df0859f056eb24967
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
tOrVxHTC0roe43QTT5oV7qb9T5FjiXD6szeKAYI0NWo5r653s930aQ==
116504.ct.js
intljs.rmtag.com/
18 KB
6 KB
Script
General
Full URL
https://intljs.rmtag.com/116504.ct.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
4f89e482c45014d4cea6e1b494c2a9776fd61d74aff9c7d60eb418ed0528cfb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Thu, 23 Nov 2023 01:10:35 GMT
x-cache
miss
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB
Script
General
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
2600:9000:237d:8400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 09:05:30 GMT
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
144307
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200,public
x-amz-cf-id
PP3iY1Fizw4oS5KWfXET4q8NY4iHEet6Fq47VE7pWg4yPZx4zsNToQ==

Redirect headers

date
Thu, 23 Nov 2023 01:10:29 GMT
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
7
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.12.min.js
content-length
0
x-amz-cf-id
8iybxDEBHcmUawFxfxleZ3DSPaO35IIHSqWjYBIgTz_emtM-0vRsOg==
/
www.shefinds.com/iframe-modal/ Frame 3976
20 KB
5 KB
Document
General
Full URL
https://www.shefinds.com/iframe-modal/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
33a65f3f35748bdee065a31de91ca731d9fc3d3997ae7f43088ecccf611a2339

Request headers

Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=1724, public
cf-cache-status
DYNAMIC
cf-ray
82a58885cb4e383e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:35 GMT
expires
Thu, 23 Nov 2023 01:39:09 GMT
last-modified
Thu, 23 Nov 2023 00:39:09 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/wp-json/wp/v2/pages/710110>; rel="alternate"; type="application/json" <https://www.shefinds.com/?p=710110>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
vglnk.js
cdn.viglink.com/api/
82 KB
29 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:42:20 GMT
content-encoding
gzip
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 15:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
199699
x-amz-server-side-encryption
AES256
etag
"6c8a8d538bfaf5e3eee3cfe467f261a5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28925
x-amz-cf-id
xb50zlMw2Fh2f96-wQBtrasllgt1msfuSofRB6na7lP9zxdd9WWFlA==
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:10:35 GMT
shefinds_blackhorizontal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
10 KB
10 KB
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/shefinds_blackhorizontal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
age
2186
cf-polished
origFmt=png, origSize=34331
x-powered-by
PleskLin
content-disposition
inline; filename="shefinds_blackhorizontal.webp"
content-length
9764
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-861b"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb4f383e-FRA
new-search.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
270 B
399 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-search.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
age
2185
cf-polished
origFmt=png, origSize=442
x-powered-by
PleskLin
content-disposition
inline; filename="new-search.webp"
content-length
270
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-1ba"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb50383e-FRA
blank.gif
www.shefinds.com/wp-content/themes/shefinds_14/img/
43 B
152 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/blank.gif
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
2185
x-powered-by
PleskLin
cf-polished
origSize=49, status=webp_bigger
vary
Accept-Encoding
etag
"5a6e6d28-31"
content-type
image/gif
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb51383e-FRA
content-length
43
socail-sprite-2.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
5 KB
5 KB
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/socail-sprite-2.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
age
2185
cf-polished
origFmt=png, origSize=7177
x-powered-by
PleskLin
content-disposition
inline; filename="socail-sprite-2.webp"
content-length
4754
cf-bgj
imgq:100,h2pri
last-modified
Wed, 06 May 2020 07:07:53 GMT
server
cloudflare
etag
"5eb26249-1c09"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885cb52383e-FRA
AIS_Carrie-Bio-Pic-scaled.jpg
www.shefinds.com/files/2023/04/
409 KB
409 KB
Image
General
Full URL
https://www.shefinds.com/files/2023/04/AIS_Carrie-Bio-Pic-scaled.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
123e79062859f4cc87e967e4c3c7fb788c76015eaca76086578db67d89bf6359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 19 Apr 2023 17:16:24 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=424860
vary
Accept-Encoding
etag
"644021e8-67b9c"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885db54383e-FRA
content-length
418596
social-bio.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
2 KB
2 KB
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/social-bio.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ccdcac49567850ffd4891e52abf3a4a04a2620267f9b0f4cee113506e0d2a733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=3921
etag
"5c6274f9-f51"
vary
Accept
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=5356800
content-disposition
inline; filename="social-bio.webp"
accept-ranges
bytes
cf-ray
82a58885db55383e-FRA
content-length
2314
footer-btn-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/
258 B
423 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/footer-btn-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=713
etag
"5a6e6d28-2c9"
vary
Accept
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=5356800
content-disposition
inline; filename="footer-btn-img.webp"
accept-ranges
bytes
cf-ray
82a58885db59383e-FRA
content-length
258
HelveticaNeue-Medium.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/
20 KB
20 KB
Font
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/HelveticaNeue-Medium.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
6190
etag
"5a6e6d28-50b0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885db56383e-FRA
content-length
20656
c4d_vdef_emp_28e5.woff2
fastly-cloud.typenetwork.com/projects/2101/
69 KB
70 KB
Font
General
Full URL
https://fastly-cloud.typenetwork.com/projects/2101/c4d_vdef_emp_28e5.woff2?ddc0ee1b29f22d0bf691ca97fc73962a4cad3c8e
Requested by
Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/2101/fontface.css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cloud.typenetwork.com/
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002778dbc1-00650c2120-7871d8ee-nyc3c
age
340
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
x-amz-meta-surrogate-control
max-age=604800
content-length
70756
x-served-by
cache-fra-eddf8230046-FRA
last-modified
Thu, 06 Apr 2023 15:46:23 GMT
x-timer
S1700701835.214697,VS0,VE1
x-amz-meta-tn-allowed-domains
http://shefinds.ctpusdev.com
etag
"fea67774edcbfec9e421db7375ae16ab"
x-amz-meta-surrogate-keys
style-3149 family-371 project-2101 projectlicense-10469
x-hw
1695293728.dop208.fr8.shc,1695293728.dop208.fr8.t,1695293728.cds339.fr8.p
content-type
font/woff2
access-control-max-age
0
access-control-allow-methods
GET
cache-control
max-age=600
x-rgw-object-type
Normal
x-amz-meta-tn-plw-id
10469
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
1
HelveticaNeue.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/
18 KB
18 KB
Font
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/HelveticaNeue.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
6190
etag
"5a6e6d28-47e8"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
82a58885db57383e-FRA
content-length
18408
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v23/
59 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30418
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 20:59:49 GMT
matomo.js
mtm.shefinds.com/
64 KB
20 KB
Script
General
Full URL
https://mtm.shefinds.com/matomo.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/cdn-cgi/apps/body/fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PleskLin
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:26 GMT
content-encoding
br
last-modified
Tue, 01 Aug 2023 09:51:37 GMT
server
nginx
etag
W/"64c8d5a9-10132"
x-powered-by
PleskLin
content-type
application/javascript
2.4cd885b24c3868b3a529.js
ads.blogherads.com/static/chunks/
249 KB
108 KB
Script
General
Full URL
https://ads.blogherads.com/static/chunks/2.4cd885b24c3868b3a529.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
570b35840570fd15482505125fd5fec8c3de8529aea4bead3a2de44e42c5898b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4K3S39YKMSZ6Q4KH
age
203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8kEHgiNJOANesvG63QHDlvsV9tLmGIO+4OL72izu/RRLufW9iPmSFsXf4y6Q/zhzjRvd6X/SPcc=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 16 Nov 2023 23:37:52 GMT
x-timer
S1700701835.302120,VS0,VE0
etag
W/"ad710d40d105268525bea7a8bcd6442f"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
3.f7c3b855f9818f2fd2b2.js
ads.blogherads.com/static/chunks/
11 KB
5 KB
Script
General
Full URL
https://ads.blogherads.com/static/chunks/3.f7c3b855f9818f2fd2b2.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
396f571ed075c09f163af863b56882ff197aa0dc8d9a51aaf1a401b6dd6e9e77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4K3XJBJ15FG1QMXB
age
203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
SYyhhmYOB0kX7KxSfMIjBFmp/aMrlSQ11/LEC+FgLbb/ETXSaoUDBRvevXaVreTZfkfw5wCDe+Y=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 16 Nov 2023 23:37:53 GMT
x-timer
S1700701835.302238,VS0,VE0
etag
W/"0a60f6bc63fc9fa62146ba51a6736622"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
29.500378e3b0ded2a39d9a.js
ads.blogherads.com/static/chunks/
64 KB
29 KB
Script
General
Full URL
https://ads.blogherads.com/static/chunks/29.500378e3b0ded2a39d9a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68951ae0f2153142736e93e67554891f98617c6658d52c4e6098ad6e675143ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9DGRRYPWRD5E1DTR
age
203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
S12NGqMmislWwZRJ5lcOATQ1dKiOkswt5NG8AJ8pntHDKprLNsL+RPUWTh9fgouL3ltyDijygOU=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Mon, 30 Oct 2023 21:44:22 GMT
x-timer
S1700701835.302236,VS0,VE0
etag
W/"51c0d39b113bee5e4063aac444714da0"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
4.53bb9f34fa7efc76fd9d.js
ads.blogherads.com/static/chunks/
11 KB
5 KB
Script
General
Full URL
https://ads.blogherads.com/static/chunks/4.53bb9f34fa7efc76fd9d.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c8e36090b0f56f14eed4abdf00aaf61850f18d07ea2d81aab3ddd3846c6b442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4K3TDKHRMAPEVNBE
age
203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
Mj99isfqwSSW8c44W5RXoIPVGmEsUVcPi7X1mtgfY1wDfFkzar5yomPVoodfqvZhvze4nRAsS6Y=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 16 Nov 2023 23:37:54 GMT
x-timer
S1700701835.302493,VS0,VE0
etag
W/"d13251c078bf1e7de71c6fd9a8101dfb"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
28.3e2a2670f9a2252feeac.js
ads.blogherads.com/static/chunks/
264 KB
114 KB
Script
General
Full URL
https://ads.blogherads.com/static/chunks/28.3e2a2670f9a2252feeac.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
74b53792dcfeef77b16ae2908178498ea57e7ad0f89e5aacb9d13f3b623cf993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
RBP6ATZSD9F8ZEST
age
203
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
mfVaw87NH2RCt4tzS2hXW9auhYXRQqOj3lrA/yxqjRhMP3cME9OIxt9RJ9iJxFh6CZUY/xp8w+I=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Tue, 21 Nov 2023 17:02:44 GMT
x-timer
S1700701835.302453,VS0,VE0
etag
W/"78bc4cf16a51f74b81fb0da878bc0b87"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
t
jadserve.postrelease.com/
2 KB
1 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.244.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-244-86.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
92a8dfddc9a488d4605d9d6ca64b86bbe16935f258d704e80911a462a57b8edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
822
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je3b81v897426051&_p=1700701835145&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=734051138.1700701835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700701835&sct=1&seg=0&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&dt=Doritos%20Chips%20Are%20Being%20Pulled%20From%20Grocery%20Stores%20Due%20To%20Undeclared%20Ingredients%20-%20SHEfinds&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1783
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WGoWfUPXoC75537_vsscjA4CbkU.js
www.shefinds.com/cdn-cgi/apps/head/ Frame 3976
4 KB
2 KB
Script
General
Full URL
https://www.shefinds.com/cdn-cgi/apps/head/WGoWfUPXoC75537_vsscjA4CbkU.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5628229884a0fd601c319c1e67e71b3f2f05d3ebaa31c5adaeadf3580935d614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
x-amz-version-id
ILm7bpiO6Dv6feKWzVQHiJNrCWDBckpq
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 15 Oct 2023 00:37:16 GMT
server
cloudflare
x-amz-request-id
Q0QRE9Y6Y70GRRA6
age
930536
etag
W/"9717cfd1eb23bc7bc1fff71cc50ef2d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82a588878c57383e-FRA
x-amz-id-2
8RHCGuF/EvOLPMjsBQ3pItpFws8BasADnTm7dY38jL5Epl2GVSyNgcv6PlMjP5qiDtfzDXDGdFQ=
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ Frame 3976
10 KB
4 KB
Script
General
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
via
1.1 df950c8670c9d795c825a74bce398a40.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
23bdb9dd9b794644bb4783ed18a8f230
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1699293384856
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
7e7e3d09f194455ebea9569633c970d9
x-mrs-age
50743
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy2, cache-yul12827-YUL, cache-fra-eddf8230067-FRA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1700701835.442223,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
AumBTufTVbc-Dix-gzpJsoeJJkBGXK4Ppxfc_WRtkKaWKbpVu7uAsw==
x-cache-hits
573, 8
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 3976
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1282925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttdczTudsNcjiiU0sm0QiyZKoKX2VovReRsWWooh1HMMgno05wjFuHno320mG08JSB9Vrok1TMN%2BP49fwP3QPzKayjnEmUXd3Rqkm85uZkzsqhudMd05HMR1g%2BwhPNpNUaMmY%2FTDecaFIOklw%2BKFaDk8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a588878f616ae0-FRA
expires
Tue, 12 Nov 2024 01:10:35 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ Frame 3976
730 B
831 B
Stylesheet
General
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
x-amz-request-id
tx00000305b7d5fcb9b12a6-00652a7cea-7a12c4e8-nyc3c
age
88074
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
x-amz-meta-surrogate-control
max-age=604800
content-length
730
x-served-by
cache-fra-etou8220022-FRA
last-modified
Thu, 06 Apr 2023 15:46:21 GMT
x-timer
S1700701835.442131,VS0,VE0
x-amz-meta-tn-allowed-domains
http://shefinds.ctpusdev.com
etag
"228cb88d245a31343060024e93e4d9ad"
x-amz-meta-surrogate-keys
license-236229 projectlicense-10469 project-2101
x-hw
1697283306.dop151.fr8.shc,1697283306.dop151.fr8.t,1697283306.cds159.fr8.p
content-type
text/css
access-control-max-age
0
access-control-allow-methods
GET
cache-control
max-age=600
x-rgw-object-type
Normal
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 3976
115 KB
21 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
1
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588877c49383e-FRA
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 3976
19 KB
4 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
1
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588877c4a383e-FRA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 3976
18 KB
4 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
1
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588877c4b383e-FRA
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 3976
32 KB
6 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
0
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588877c4c383e-FRA
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ Frame 3976
16 KB
3 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
1
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588878c4d383e-FRA
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ Frame 3976
102 KB
14 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
1
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588878c4f383e-FRA
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ Frame 3976
17 KB
3 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
1
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588878c51383e-FRA
page.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 3976
5 KB
1 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/page.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
etag
W/"5c6274f9-14fc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588878c54383e-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 3976
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:17:43 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 3976
31 KB
6 KB
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
1
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a588879c64383e-FRA
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ Frame 3976
67 KB
22 KB
Script
General
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Date
Thu, 23 Nov 2023 01:01:01 GMT
X-Amz-Cf-Pop
FRA60-P2
Age
1135
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
KtwQqlYKBLnLMQn8gjZQLKyTZTJKzTpjW2br4_qwUbwhtMFLd8DaFQ==
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 3976
53 KB
5 KB
Stylesheet
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
82a588878c55383e-FRA
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 3976
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
950139
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82a588878cef3730-FRA
cdn-requestpullsuccess
True
mail-ic-modal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ Frame 3976
426 B
613 B
Image
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/mail-ic-modal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=1067
etag
"5a6e6d28-42b"
vary
Accept
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=5356800
content-disposition
inline; filename="mail-ic-modal.webp"
accept-ranges
bytes
cf-ray
82a588879c68383e-FRA
content-length
426
page.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 3976
5 KB
1 KB
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/page.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 May 2018 12:37:25 GMT
server
cloudflare
etag
W/"5af58e85-1285"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a588879c69383e-FRA
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 3976
5 KB
1 KB
Script
General
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
age
0
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
82a588885cd1383e-FRA
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 3976
48 KB
19 KB
Script
General
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.155.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-155-56.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 06:04:34 GMT
content-encoding
gzip
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
MUC50-P3
age
68761
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
WPaq9rf7tgcgyzuJ-vemn-L9Di9VZpn5KNW-ccHHhHM7ahUaNRwcbw==
expires
Thu, 23 Nov 2023 06:04:34 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 3976
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-93-105.muc50.r.cloudfront.net
Software
Server /
Resource Hash
0b9b5c5fc4114c994452c3659a20cbf0618d815d9eb2b74d3f53ad7b2d832e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
Public
date
Thu, 23 Nov 2023 01:07:25 GMT
content-encoding
gzip
via
1.1 a7322dae74179db004d6fbdc1e7dc03e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
age
190
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
gbUEQ4aLXGR0Fw8nA5XwnlvTVigMmZ0VzbxRcWRABMKkJG0oy884kQ==
expires
Thu, 23 Nov 2023 01:12:25 GMT
events
direct-events-collector.spot.im/api/v2/
0
214 B
XHR
General
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-119.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 d0b8b50936db949f99b5544ecb5eda1c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
ZKFuZbgoSSdbA-5EujymG6GHwoh4RtB46U7XMtf6buOcseZf9VvOBw==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
75 KB
23 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:00 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
V2nqXlHlt6qALdun5hMKBLqPqG5Cozkv
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22998
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"85216e38d3203fb8b2485d233fba267b"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IrvNxSzl0sB79TkZMiRo0YnMfI8Lzkj4FKRRQLnFo2_ZVqRS6BvQEg==
808-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
99 KB
28 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee9159552166b5e8d7e038566cf414d4f99004a61d9c6abad6f57a625c10fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:00 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
kYeGgVDt_L7nx8w8Na7Av5KJocwBLX98
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28266
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"5df1ffedda9496df3985a2d25d942638"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oTorBF8jQVmO8-k6Lmm54dD3KzlsVEfLdSIOGrVbeRGw6_M9mpBWlA==
891-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
11 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/891-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78b7236e2cd78ad5a0c1e6df5502c708951d4c209b6b308cd697fe3aaa4dea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:00 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
Z.g1LBUMJCvqvT7_lp_6xxZF..GtLEYC
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3623
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"29db959c042f55a054141f906087af74"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
g1W01FtCo52HrWEmSOfioHX6Cmt6bittwoAfgZDOIuc9PDrHM9xZhQ==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
30 KB
10 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2e36e6e19eac1a4280087e625d7f69ad75aef8f0e1ec83a5275a330be06187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:00 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
TMpOJKnmulmva732G2ua2_rmvp2KDeBS
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9382
last-modified
Thu, 16 Nov 2023 15:24:44 GMT
server
AmazonS3
etag
"bb188e2c2dfd1badf9ada749809a2d5c"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
a2nqQbHBc4_J5MRqv8bxhLAVxQP_arlr0xCaEdiP9MEcTapFo1vVow==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:01:15 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
32694
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
0teaSzr4T7KoEtJPBR10Jl5_M2XDuqwnbM-7iMZXWaf8BklqXvAP1g==
30.7a5d7994151a5736f377.js
ads.blogherads.com/static/chunks/
1 KB
841 B
Script
General
Full URL
https://ads.blogherads.com/static/chunks/30.7a5d7994151a5736f377.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c31877e81a8a7730e54f437c113dbe72981d148ec0db76867eab8bde00a7c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26BT5Y4ER46V3BV6
age
202
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
jq4XQXR4CcyzC9ukqcw0nd0j20E+OuetqVnVeCXqFAeVqKjiF1JSnWoeBagwaFTHRvUde12b1aQ=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Thu, 16 Nov 2023 23:37:53 GMT
x-timer
S1700701835.474478,VS0,VE0
etag
W/"6d11266ce6760d1901dddac0dde8d19d"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/
476 KB
126 KB
Script
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/gdpr-liveramp.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.53bb9f34fa7efc76fd9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ca00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af2c0d167feeef52cf8627ba172ae8d076ab4d1d0bbb101a42839ce160fff7f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
05OHKMhoduY9yEqoPmQReQNOOYb2uLzU
content-encoding
gzip
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 16:45:25 GMT
x-amz-cf-pop
FRA56-P7
age
30311
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Mon, 20 Nov 2023 16:45:18 GMT
server
AmazonS3
etag
W/"36dea6e752790fb2d7b5fdfa7fba578d"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
c01WBRIi86KYwBrsdf-Esp7jZ8pRA8AjkO6LsVDoPn7XkwpoXYJlXw==
optoutstatus.html
ads.shemedia.com/static/ Frame E1C0
748 B
777 B
Document
General
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.53bb9f34fa7efc76fd9d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
199
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:35 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Mon, 09 Oct 2023 18:57:50 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
Sz0sCZgBlHIX418RaaOVVN5Y3FRVe3aEXJ4R13K9wmOouysJPUrGxSUzKAD6j3vzCJ5rCiTf63k=
x-amz-request-id
7A17RK53K6FQNN54
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-eddf8230123-FRA
x-timer
S1700701836.568268,VS0,VE0
fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
www.shefinds.com/cdn-cgi/apps/body/ Frame 3976
1 KB
648 B
Script
General
Full URL
https://www.shefinds.com/cdn-cgi/apps/body/fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/cdn-cgi/apps/head/WGoWfUPXoC75537_vsscjA4CbkU.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7585e4b54edee5dd7ecb17bd243463a8647ff6c6cf434cedd242eea88f4d087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
x-amz-version-id
hrN_Z86IF41Y7Jqm.Ol5vH4fIEz6F4H4
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 15 Oct 2023 00:37:16 GMT
server
cloudflare
x-amz-request-id
PWX6XQ2KW51TTRKK
age
1286762
etag
W/"563213b8f416bb0c45fe289730acba5f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82a588899da7383e-FRA
x-amz-id-2
x3yZalLRTpWp3/6DtTLKBJVcnIt/HF3LBXiTLiO2lz7+cNwcIZNeBKtHksLC+qEG78SSxlJlB/4=
main.d.js
bc.marfeelcache.com/www.shefinds.com/ Frame 3976
13 B
471 B
Script
General
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
e04bbaa14acd4f1eaf98c1a703c237fa
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HS
x-mrf-rendered
1698042727944
x-mrs-age
16
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy1, cache-yul12833-YUL, cache-fra-eddf8230067-FRA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1700701836.821458,VS0,VE0
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
n7VbPTwViSHWfgH3RbZFFf_o6w-UtaUpZ6d2JppiZA3qsdas8syIYg==
x-cache-hits
362, 3
modules.c8594c199b647db49b88.js
script.hotjar.com/
226 KB
57 KB
Script
General
Full URL
https://script.hotjar.com/modules.c8594c199b647db49b88.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-368258.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-84.muc50.r.cloudfront.net
Software
/
Resource Hash
eb529572e8303d0a62213e86419c6f4b1e816b510b8655dd40453e95bdc3eab1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 16:50:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
30029
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57336
last-modified
Wed, 22 Nov 2023 16:49:34 GMT
etag
"8c86dcfd87caa6e82d9cb454e84716ca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
YDVn2F5rp9-E6yGKs4AUxaYb8MwpW_V1bFoapzwfASn3C5r854EwCQ==
sdk.js
connect.facebook.net/en_US/
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=13f8d112b7429d15577ac17d36f50707
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85cc4a967e618610bff0596e4225f80ef4b7a54ad64c8d77e4f25abdcdb6b218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 01:10:35 GMT
content-md5
8Vc96eM9aeHG911SkwE/Qg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86880
reporting-endpoints
x-fb-debug
Rm6dYLJ08/TYr1MXWbnj/y0V8XHNHPSIX9P2pwRY3yh9v3aHUAombIBrpcakP6JoLTM8bnB4DemzZaLuoFzJpw==
x-fb-content-md5
71d1e0c56608a21e5435267c53fd3acf
cross-origin-opener-policy
same-origin-allow-popups
etag
"1dab95d016ecf2d96e242242229eb115"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 21 Nov 2024 23:16:08 GMT
active_selectors
onsite.boomtrain.net/
0
723 B
XHR
General
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-58.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e929ed01-63ae-4500-a27b-873d791c413c
X-Runtime
0.002985
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
1230911863589528
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1230911863589528?v=2.9.138&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c04e240b96cb8f81323642ee2dceb424aac8b7490bce171bfb31a73e83b1fa96
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Nov 2023 01:10:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
W0l+B7yZLPi0uSoL8jz+hB7m1f3GzunIo3WbMIrZCL7k6oSQqm4XDopI4Y9yi8uZR1zxF2YxnsRMw7GOqaqylw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.min.js
comparisons.sovrn.com/js/
3 KB
1 KB
Script
General
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53bf676d7fb58887b9f4c83c1330451e2b01f1a0863284c5fb4e8284b9a87d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
wUjdKB9KxRQ_qaiqixzvDYOao_YWjVDV
content-encoding
gzip
via
1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 11:30:34 GMT
last-modified
Mon, 13 Nov 2023 15:08:59 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
54701
x-amz-server-side-encryption
AES256
etag
W/"cd7ae9ed1060bf847a247edb30351188"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
PTvD5OT5JpwvX6kOuDaA560CTyRN9js8aCwIRQU8vav3jqJZ9z4EGw==
rules-p-d6OYghvsxJNAU.js
rules.quantcount.com/
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-d6OYghvsxJNAU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:01:09 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1314
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:53:17 GMT
server
AmazonS3
etag
"9896c63d081f1a368fe67c5d43d246eb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
GmoMdKPkqFmd_eS6nw-1lBYikwpyHlmscb7YG2Nyk9rbJZrf36oqwQ==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&rl=&if=false&ts=1700701835802&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700701835797.75550604&ler=empty&it=1700701835611&coo=false&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Nov 2023 01:10:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
lightbox.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame FA32
510 B
419 B
Script
General
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1700701835806&lv=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5fffd9250eb035adc0d58fad67204a455b165a466536577cc25617e6d7ddb28c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:36 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 23 Nov 2023 00:20:29 GMT
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
82a58889ead59256-FRA
p.js
d1z2jf7jlzjs58.cloudfront.net/
930 B
1 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 07:58:11 GMT
Via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
61944
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
p1w4NSSvCLklM64y_f5h2MkB9UHuIp_Uj3Qy-2etOqj9vZ8N-Ck-Ew==
Expires
Thu, 23 Nov 2023 07:58:11 GMT
920.js
cdn.keywee.co/config/
205 B
546 B
Script
General
Full URL
https://cdn.keywee.co/config/920.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1368e5ddba16a76115a9c485ba99b475ac1089cc86e9304bab52f880fe3e0e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:40:42 GMT
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2019 05:50:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
37793
etag
"a588c90794a2e3adda43c3ca2c774333"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
content-length
205
x-amz-cf-id
Zid-xjkNNmO3NTeyIHCC-4qxm-sFPij7OhzLsfv4bXGTGGzZpI7gzw==
css2
fonts.googleapis.com/
2 KB
971 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cbdd3671a78c4febdb7524d99510f3b4d3b74c18a5feef64654b17eec6349ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 01:10:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 01:10:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
876f8b87b310bf66cb4f564912ee786558eb8b302d8ed92cd1b77483063f135c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30436
x-xss-protection
0
server
cafe
etag
450 / 19684 / 31079695 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:10:35 GMT
prebid7_20_0_v1.js
cache.sellwild.com/
274 KB
275 KB
Script
General
Full URL
https://cache.sellwild.com/prebid7_20_0_v1.js
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-22.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
016209754f5b92f7cce3c66c0035d8fcf48b11d08881319155a3476824a1582d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:05:31 GMT
via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 05:29:04 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
50705
x-amz-server-side-encryption
AES256
etag
"f38fca0a8b9721b52d104e88cc9638f1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
281065
x-amz-cf-id
VyO1sx512EITsvXNvLqGTGFJwZy2JtKSSF8nsKLj0DjPZJYU0RAmoA==
359
a.ad.gt/api/v1/u/matches/
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ref=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13321bd59f97af3b32bdb3f62cecbec8c469c59f180aa6fcc256bd07d06752c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Nov 2023 01:10:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82a5888ada2137da-FRA
listings-img-data-sm-shefinds
cache.sellwild.com/
217 KB
164 KB
Fetch
General
Full URL
https://cache.sellwild.com/listings-img-data-sm-shefinds
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-22.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
513d92d69cceed853c01ddcd1ca46ef098fb1ade3b4e03293347481bee0e18a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:00:02 GMT
content-encoding
gzip
via
1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
634
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
167400
last-modified
Thu, 23 Nov 2023 00:44:56 GMT
server
AmazonS3
etag
"93402e55daf32d859edeb90041e4580f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
FuNoW9Hf-uuYmHIqDpOExpv02nRN4NMrDZT-oOiJNHbUcvd0LdwmDA==
gdpr.bundle.js
gdpr.privacymanager.io/latest/
136 KB
41 KB
Script
General
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e41c837b41e76f82b059aefb2760c06d25da6b16795539f617ad71ed35b5db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
ckSI8v3rkleyZY0lRXwEiqrS3W4q1uVh
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 00:40:25 GMT
x-amz-cf-pop
FRA60-P2
age
1812
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:7f36743f-2da7-4da8-bdd2-972be408eb70
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d638594a4431fb92ce665bbc36a0fc3b
last-modified
Mon, 20 Nov 2023 09:39:44 GMT
server
AmazonS3
etag
W/"d6473f0b39605d947f938a58831d0dc7"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
9c549b9aaf19a38afc86dda5fa45e8175aef1e696bf21c2aec180684e344f226
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
BEnbjbGxyKJMdKgOkxyqxxUJGEyur6sUJw0U61hpVLgKnoOp3fd5fQ==
matomo.js
mtm.shefinds.com/ Frame 3976
64 KB
20 KB
Script
General
Full URL
https://mtm.shefinds.com/matomo.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/cdn-cgi/apps/body/fy4C3obCXFLFL2ZmgQdA3AUUdcs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PleskLin
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:26 GMT
content-encoding
br
last-modified
Tue, 01 Aug 2023 09:51:37 GMT
server
nginx
etag
W/"64c8d5a9-10132"
x-powered-by
PleskLin
content-type
application/javascript
resolve
people.api.boomtrain.com/identify/ Frame 3976
81 B
402 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.93.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-93-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/ Frame 3976
81 B
402 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.93.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-93-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
session.html
events.release.narrativ.com/api/v0/ Frame D89A
713 B
1 KB
Document
General
Full URL
https://events.release.narrativ.com/api/v0/session.html
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.230.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-230-223.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
21eca2934c9de2dd70b6f8b2e5ed5450319b745c1b09aadd1db8585c7ef7abb8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, max-age=7776000, must-revalidate, proxy-revalidate
content-length
713
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:36 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-bam-build-version
a71d446e00cfaae38614893f9b906e651af17b56
x-bam-env
release
x-robots-tag
none
169-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
155 KB
43 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/169-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b19e827414388e94fcc2815c445a4932d8eccfa009466979f46d51663a270dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:21:58 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
TDcjvKZf3qpKyvnHf7R2hXIhdwNNm0A3
x-amz-cf-pop
FRA60-P5
age
211718
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43864
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"1ef394c18ee61b33befe94298da0f04d"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jrRFQuv2kbPl0O0lABNY_eAQLzMU5hgGoEwUcMxt2glvRlJ7BW9c5g==
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
96 KB
22 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3982ebaff8a57748e4f5d30e4267c33ba21d8b861c12c03329f11d74e83bf51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:00 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
xW2xJDyvIt5Bo9xqt0jd5hHDQ_x1lLEU
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
21905
last-modified
Thu, 16 Nov 2023 15:24:44 GMT
server
AmazonS3
etag
"84c6dfc27e85826be4f3f00ac0496823"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fve1SULthSqvWf892eHMnGeXUYjLUdbA32yU2P37oCVFKKh0OEA2Yw==
browser-perf.28a8c6b22b3c0474c577.js
script.hotjar.com/
4 KB
2 KB
Script
General
Full URL
https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c8594c199b647db49b88.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-84.muc50.r.cloudfront.net
Software
/
Resource Hash
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1694789
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1589
last-modified
Fri, 03 Nov 2023 10:23:46 GMT
etag
"d065ec1659ab8dbb93042fdf9a225634"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
jCpZ5U0yCXl7wsCdChtO-EQ6kFUK8E2ehigtZhiDAbN-8IoY5BTAaQ==
0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
fonts.gstatic.com/s/lora/v32/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc5059b2f1e55a338bc7085341ae5511b80c51847ff92244a2782a7c5b7417c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:55:48 GMT
x-content-type-options
nosniff
age
458087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19996
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 17:55:48 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ Frame 3976
930 B
1 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 07:58:11 GMT
Via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
61944
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
4qk5eaujh_zZP6s7bp1indNpJVexK1x_waLsC-twliIO_dvCxk4OLw==
Expires
Thu, 23 Nov 2023 07:58:11 GMT
metrics-reporter-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
7 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/metrics-reporter-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:01 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
zWXOjGfQMAQGkF2c1FCw4WNcXXtYXfZb
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2619
last-modified
Thu, 16 Nov 2023 15:24:44 GMT
server
AmazonS3
etag
"3325b999b14b244fcdd24382f76d7241"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9I1y1d2lPLZBXXcEzTLIQyhXx5MEwFGxgtUAZWD7aCLGim_afBiK3w==
active_selectors
onsite.boomtrain.net/ Frame 3976
0
723 B
XHR
General
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.143.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-143-58.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3dbacb36-e6eb-46cf-a21e-d83eba3fd273
X-Runtime
0.004463
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
/
srv-2023-11-23-01.pixel.parsely.com/plogger/ Frame 3976
43 B
259 B
Image
General
Full URL
https://srv-2023-11-23-01.pixel.parsely.com/plogger/?rand=1700701836036&plid=63211414&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&sref=&sts=1700701836032&slts=0&title=Doritos+Chips+Are+Being+Pulled+From+Grocery+Stores+Due+To+Undeclared+Ingredients+-+SHEfinds&date=Thu+Nov+23+2023+02%3A10%3A36+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=50247827&u=pid%3Dcb08f7ac6f1f8fcab95555512a7883b7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.122.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-122-87.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:36 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 23-Nov-2023 01:10:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sp-2.9.1.js
cdn.keywee.co/dist/
75 KB
26 KB
Script
General
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:31:45 GMT
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
11468332
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=315360000
x-amz-cf-id
AtjBxfkXJiATZDT9UnqE4RZX4EJG22lkEfAEMUP4r3O8D0e9QtZa7w==
340247040194248
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/340247040194248?v=2.9.138&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d2bace3a9db8665681e2bce85210b9c5402fc3d9e7e9792e7bb0c187790d8ab
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Nov 2023 01:10:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
gmMfjlRdGnm1FXM19Wv7wp9G06y2jP19cEvYgN3IZ8ANkhCepzbiJmac5kIHItHJENALs2aC2DMin5/U9jCcxA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
18 KB
18 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fe7ea8e8931834626c3dd536ea876046750408bfc4bd682bd0eb8d937bc888e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
28 KB
28 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f210906d5737531eada757253ca21b6b158de18c821a4bc85c4e469daac13ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
20 KB
20 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d67130baf4b5550cdffcdd1f25317766d4334ecc55eb689c8c2ece81cefa134a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
8 KB
8 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf6842676c903f3d51f15aa0fb7d6af85a3d2676ea4833006fbd7d6ee019506a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7011da3458e6933b9da7c313cad581c528bcef9d88d1cc2452e212e67cdcccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc267fb3b378db4dc4baef252937a10ff9e066f3fbd9834fd5fdf2d5d6c7b635

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
466b1afcba408c2cf0cc1535af407203c784990b57521fecc26bb12f745b8700

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
24 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea06294b9f60cab9b0659de0b93fbbf8c8fb0bc302554163534aa2887676ee96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
binary/octet-stream
p.js
cdn.parsely.com/keys/shefinds.com/
48 KB
19 KB
Script
General
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.155.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-155-56.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 06:04:34 GMT
content-encoding
gzip
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
MUC50-P3
age
68762
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
gyLBI51D4-fbWBqo8KIJkfsc64igVVXpVHaBYnGIIrqmLLWMeW8rJw==
expires
Thu, 23 Nov 2023 06:04:34 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137994
x-xss-protection
0
server
cafe
etag
6213585212225905441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 20:10:14 GMT
sprite.svg
static-cdn.spot.im/production/icons/sprites/
24 KB
10 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 09:53:28 GMT
x-amz-cf-pop
FRA60-P5
age
55029
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
ILAQMyJqATQ3GbGGji24uBOzfsf4Hp3h0rUwC7Rw1rFKsDFmdd2Qjw==
device-load
api-2-0.spot.im/v1.0.0/
36 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
51e9626fa33eeb2e7392bdbaa9103ae5a47e647530211f4e046560fc5ee08a18
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:36 GMT
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-length
36
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
Hg9ZTRj79xzmxMFFp3ya70jNivThyDFmGDxHQR1bCbYyKqdNLWQyig==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/ Frame
0
0
Preflight
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ca00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
30315
content-length
0
date
Wed, 22 Nov 2023 16:45:22 GMT
server
AmazonS3
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-id
7bJuC08tmRSkpPs1BgbItXEv7V42aoLjkwiDU7sDC_-f8pcpZp3lfA==
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-36.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 01:10:36 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront), 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-apigw-id
O0719GjTjoEEIhw=
x-amz-cf-id
7MpgELBUEs-O_nD04JOsSkw_QWMogtaxqNUxzuJ91JU7J9CF5obGHQ==
x-amz-cf-pop
MUC50-P1 MUC50-P2
x-amzn-requestid
ef6c0f4c-61f5-490b-9266-21a5960891e4
x-cache
Miss from cloudfront
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/
103 KB
18 KB
Fetch
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34ba8817-f1d1-4157-b918-decb83e86d67/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ca00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1cbb5a038024ebacdaf67895a34f30cf1436c547edf4332ab6283ca4b6508be

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
ot5yMWIJ0.Be9g3H.dBzrdda54cM2FGL
content-encoding
gzip
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 00:55:25 GMT
x-amz-cf-pop
FRA56-P7
age
1502
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 20 Nov 2023 17:40:24 GMT
server
AmazonS3
etag
W/"10fb1386034dd0b23a469dba30150dd7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
sMOnSfcYuDTZEdLLLbvnR0wavA0Z8gM-snu8aj5eh5nMdFAGTUb84Q==
/
geo.privacymanager.io/
28 B
607 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-36.muc50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Nov 2023 02:00:19 GMT
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront), 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MUC50-P2
age
83417
x-amzn-requestid
85361113-7356-4381-aec3-37acd9ce9803
x-amzn-trace-id
Root=1-655d60b3-061735340a032f2d3dde04cb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
OxwMDE0ojoEEJ1A=
content-length
28
x-amz-cf-id
8MHyTDNnDY0V5vlPi8kEwVZHV-mpWqgV2Y-CeUOA0rt0NrOZyRXYwg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 3976
48 KB
19 KB
Script
General
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.155.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-155-56.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Nov 2023 06:04:34 GMT
content-encoding
gzip
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
MUC50-P3
age
68762
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
2a8JDh4s9XH6rEYDWz4LsF_fI1q27fqLDY7twtQNdcc7Dbmj1fBoAA==
expires
Thu, 23 Nov 2023 06:04:34 GMT
matomo.php
mtm.shefinds.com/
0
146 B
Ping
General
Full URL
https://mtm.shefinds.com/matomo.php?action_name=Doritos%20Chips%20Are%20Being%20Pulled%20From%20Grocery%20Stores%20Due%20To%20Undeclared%20Ingredients%20-%20SHEfinds&idsite=2&rec=1&r=244661&h=2&m=10&s=36&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_id=e4ffd1488dcd76c4&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=GkodUG&pf_net=63&pf_srv=995&pf_tfr=16&pf_dm1=1211&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: mtm.shefinds.com
URL: https://mtm.shefinds.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PHP/7.3.28, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/7.3.28, PleskLin
i
pixel.keywee.co/
43 B
295 B
Image
General
Full URL
https://pixel.keywee.co/i?stm=1700701836233&e=pv&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&page=Doritos%20Chips%20Are%20Being%20Pulled%20From%20Grocery%20Stores%20Due%20To%20Undeclared%20Ingredients%20-%20SHEfinds&tv=js-2.9.1&tna=cf&aid=920&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=dfcfbf46-ccbb-4376-9b93-561c35297e1f&dtm=1700701836232&vp=1600x1200&ds=1600x13094&vid=1&sid=e3d74c37-60ab-4a3f-9a15-b3f0861eca95&duid=be43cfd1-44d3-4b10-bf9f-33e05e286d26&fp=3099058815
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.205.13.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-13-79.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

status
200 OK
date
Thu, 23 Nov 2023 01:10:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
nginx/1.21.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
user.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame FA32
685 KB
139 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638309596900002776
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1700701835806&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Nov 2023 01:10:36 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jzf/Fndh304iwtGvmDt7HA==
age
63594
cf-polished
origSize=1155627
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1b5b6eb1-b01e-0076-2de9-119c8c000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
82a5888caba99256-FRA
expires
Fri, 22 Nov 2024 01:10:36 GMT
matomo.php
mtm.shefinds.com/ Frame 3976
0
146 B
Ping
General
Full URL
https://mtm.shefinds.com/matomo.php?action_name=iframe-modal&idsite=2&rec=1&r=193862&h=2&m=10&s=36&url=https%3A%2F%2Fwww.shefinds.com%2Fiframe-modal%2F&urlref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_id=e4ffd1488dcd76c4&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=do1ARp&pf_net=0&pf_srv=215&pf_tfr=1&pf_dm1=718&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: mtm.shefinds.com
URL: https://mtm.shefinds.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PHP/7.3.28, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/7.3.28, PleskLin
/
srv-2023-11-23-01.pixel.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://srv-2023-11-23-01.pixel.parsely.com/plogger/?rand=1700701836270&plid=31984827&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&sref=&sts=1700701836032&slts=0&title=Doritos+Chips+Are+Being+Pulled+From+Grocery+Stores+Due+To+Undeclared+Ingredients+-+SHEfinds&date=Thu+Nov+23+2023+02%3A10%3A36+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=67401463&u=pid%3Dcb08f7ac6f1f8fcab95555512a7883b7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.122.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-122-87.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:36 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 23-Nov-2023 01:10:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=KWCEPV&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&rl=&if=false&ts=1700701836274&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700701835797.75550604&ler=empty&it=1700701835611&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Nov 2023 01:10:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&rl=&if=false&ts=1700701836275&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700701835797.75550604&ler=empty&it=1700701835611&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Nov 2023 01:10:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
session.gif
events.release.narrativ.com/api/v0/
0
398 B
Image
General
Full URL
https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1826114692262673635
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.230.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-230-223.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
x-bam-build-version
a71d446e00cfaae38614893f9b906e651af17b56
date
Thu, 23 Nov 2023 01:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-robots-tag
none
x-bam-env
release
/
srv-2023-11-23-01.pixel.parsely.com/plogger/ Frame 3976
43 B
259 B
Image
General
Full URL
https://srv-2023-11-23-01.pixel.parsely.com/plogger/?rand=1700701836305&plid=63211414&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&sref=&sts=1700701836032&slts=0&title=Doritos+Chips+Are+Being+Pulled+From+Grocery+Stores+Due+To+Undeclared+Ingredients+-+SHEfinds&date=Thu+Nov+23+2023+02%3A10%3A36+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=45584605&u=pid%3Dcb08f7ac6f1f8fcab95555512a7883b7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.122.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-122-87.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:36 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 23-Nov-2023 01:10:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
2 KB
973 B
Document
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd4b226598cc41701660f6a23258e866a976cbe7714359b3656e6f1017b1fd27

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
229053
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 09:33:04 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-id
E2SPZGHMYRq5QQxAe_eFdWBPO5HiLLSzbdRkvW2RkkAthdvR7AvQ8Q==
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637828922049286464
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638309596900002776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Nov 2023 01:10:36 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
409549
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
af1fd81f-601e-0019-2565-143458000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
82a5888d4bea9256-FRA
expires
Sun, 24 Dec 2023 01:10:36 GMT
z
lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/
590 B
952 B
Script
General
Full URL
https://lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/z?cb=1700701836372&callback=jQuery17108957389347337907_1700701836356&_=1700701836373
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638309596900002776
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e719a48e1ad38d521e2529d3dc19dc631932fc06ec8c1faac647399697ce1a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/javascript
t.gif
www.lightboxcdn.com/z9g/
35 B
258 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1700701836361&h=www.shefinds.com&e=p&u=41449
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Nov 2023 01:10:36 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
844425
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
555a63d6-e01e-004c-7ffb-15df2f000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82a5888d5bef9256-FRA
trk.gif
jadserve.postrelease.com/
43 B
421 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4354007&ntv_pl=1095776
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.244.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-244-86.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
421 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=72c10cfa-3332-4c21-a239-5867eb8a109f&ntv_fl=fEPjykmpY8C9TFTl-KfmS-suOsErFMx3OOULL9u3F34R4wo7ud3dhInCumd_frS4Ti5H377-wwBJuZo7UzC6d9jllovXbhIx-OxX_zMH_BN_atFvfiljWDVU1tK8mAB_H8bKWB-Pq7q720rtiNqR8g1uey_ZiB_E8AqOX1q8mCyYysqeUvMT-_eUNaW85NumjaUfxS5tN81MY7YRuwaDxg==&ntv_ht=jKZeZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAYLgQA&ord=1700701836381&ntv_it
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.244.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-244-86.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:36 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
13 KB
3 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e44f20ad1e0415f23d5cebd0f4c329f7c6b6ede0e628781ae82c392d6b09626d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
l9Yxetfnn_7CQGJLWsPPCEiJskCfJpcn
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:56 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"0ed4578b4ace412be12dcff192aae7f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
nRox64xK9Oc_kiDAzta46GqeCFwrlIYUz2KjTqeL3G9YGPKGELU1Ow==
openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
32 KB
3 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53f0d3ec31993f75aa6a5135d73e4c138da6eb0bf61c437b26a7acf4b9f61949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
03kwdFjMWhpCAbz3VXW0f9903WDBjZsl
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:55 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"d3d135bb6189c884e579b5c9d18247cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
sMUNA4jugGaHtJTWVH7KnqphoGV44jkvdn72ze_xeFYnnkNuQ4_Wxw==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
3 KB
2 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
8JBUrCZTQh_UJAXOCQ9O0WbxP6TapRUy
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"baa561d4c829977602712d4f71384ad3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
eMZCaP-MEC4MgAIxK6eEWPbQKcI979bPpR3CXdAdN4AfP3EzL3_2Rg==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
35 KB
12 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
z3ZS18Neszg2pse7rhQkwnqT46yuw84p
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"18ff9b671ebe4f0582ea1dad523d6914"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
umqvDO-_8XJsyBAZXLKUiB-hhS-NMLd_CtS3ePDbEnP6IZEdOvyPFg==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
646 KB
173 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
BBXdtb3GKnM1.v4opwJnHrUUyOrkdEtB
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"c0dacd8e88f53909cb796490cf70c0f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
_OSbIXY12YSEA_kpp8vn--RJ4VLWkPiXdwOBeB_DZGO3eN5dIqF2nw==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
41 KB
10 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
0sBd6Y84hLYt91YVoxR12Yx6fykYIyLQ
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"71550097c2c628648cbfb7d1fb15618d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
_h1UIgKZETcBkWoVFa9GWQXGhegke-FjIea9a0KNdzx8P_OwH6dDqg==
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
0
6 KB
Other
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
C.Ak6kBXVIedEWgfFPis.li0mrcjHfYr
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"eba68fd1d6e00f025c7b6c5b7584d159"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
wEMzNJOFY3eiCF1GA4I2G36lggmbXBnb8Q8FMAcBmxibog3rh1qd3A==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
3 KB
2 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
8JBUrCZTQh_UJAXOCQ9O0WbxP6TapRUy
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"baa561d4c829977602712d4f71384ad3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
s3mGaARQcPP3GgHha3sJ30SsbqMfFGqcw6RjNHoy1rX416GKtbCSNA==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
35 KB
12 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
z3ZS18Neszg2pse7rhQkwnqT46yuw84p
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"18ff9b671ebe4f0582ea1dad523d6914"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
iUCkx4Dx3XjnojDOc2Ej4CVvfBWAK5s7QVPUMQDK6K_1ZqQsDSq1qg==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
646 KB
173 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
BBXdtb3GKnM1.v4opwJnHrUUyOrkdEtB
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"c0dacd8e88f53909cb796490cf70c0f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
ntbD2_BkvjIO_6mhb2zdQKIWc3M8SJPRx9Evi3yhFaGjj2lN22EOhQ==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
41 KB
10 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
0sBd6Y84hLYt91YVoxR12Yx6fykYIyLQ
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"71550097c2c628648cbfb7d1fb15618d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
akHS2Ta-BbJUQfiXXL4GVWIZ4c8Qi7wEYFpWXMwZuG8DjSDN5eznfA==
1081
links.release.narrativ.com/api/v2/smart_links/
69 B
487 B
XHR
General
Full URL
https://links.release.narrativ.com/api/v2/smart_links/1081
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.56.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-56-198.compute-1.amazonaws.com
Software
/
Resource Hash
c3895e64602fd825bdce8267682308e5ec345a6a7eeb9650d02b98be3894389a

Request headers

Accept
{"uid_bam":"1826114692262673635","BAMX_Opt_Out":""}
Referer
https://www.shefinds.com/
X-Howl-Pixel-Version
shefinds
X-BAM-Params
{"uid_bam":"1826114692262673635","BAMX_Opt_Out":""}
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params,Access-Control-Allow-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,Access-Control-Allow-Credentials,X-Howl-Pixel-Version
content-length
69
access-control-allow-methods
GET,HEAD,POST,PUT,OPTIONS,DELETE
content-type
application/json
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/
2 B
467 B
XHR
General
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1826114692262673635
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.230.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-230-223.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
{"uid_bam":"1826114692262673635","BAMX_Opt_Out":""}
Referer
https://www.shefinds.com/
X-Howl-Pixel-Version
shefinds
X-BAM-Params
{"uid_bam":"1826114692262673635","BAMX_Opt_Out":""}
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-bam-build-version
a71d446e00cfaae38614893f9b906e651af17b56
date
Thu, 23 Nov 2023 01:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
x-robots-tag
none
content-length
2
1081
links.release.narrativ.com/api/v2/smart_links/ Frame
0
0
Preflight
General
Full URL
https://links.release.narrativ.com/api/v2/smart_links/1081
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.56.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-56-198.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params,Access-Control-Allow-Headers,Access-Control-Request-Method,Access-Control-Request-Headers,Access-Control-Allow-Credentials,X-Howl-Pixel-Version
access-control-allow-methods
GET,HEAD,POST,PUT,OPTIONS,DELETE
access-control-allow-origin
*
content-length
71
content-type
application/json
date
Thu, 23 Nov 2023 01:10:36 GMT
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/ Frame
0
0
Preflight
General
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1826114692262673635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.230.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-230-223.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
accept, content-type, x-bam-params, x-howl-pixel-version
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.shefinds.com
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:36 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
a71d446e00cfaae38614893f9b906e651af17b56
x-bam-env
release
x-robots-tag
none
659.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
59 KB
12 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/659.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4eccca0ba4ffedeaae12c42d64844c35669f4a28229afbfbb3d3aa6a119069cb

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:03 GMT
x-amz-version-id
jBHtzbeJqjSuMaHtFJVvOMw4uVoRGB7v
content-encoding
br
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
229053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"011cca850160e763b30d9c07a3865030"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
5iw7aSg7Zl_9jziieDWDxfl5iolqZ2ZgOcpthhhbh8kacGxtvIeHrA==
173.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
24 KB
6 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/173.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5808d2fc291af8ea4438e34c55c6f4f1e48223a33e460b2fa16dea500b77a7da

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:03 GMT
x-amz-version-id
dCmHEuVH.7T16O9QvYrg9QgAqjpXAQD_
content-encoding
br
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
229053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"130a82a32f7f95bb0eeb61987656a24a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
aFggRvYDcDNz1y8AVYuTYIO8eACWgfYQY301glJjNqy5gqvOaeHYyw==
908459
api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/
147 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/908459
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e3d319688fb59ed25a3e9fd36d5aace83de1fae50918e135c6802bb9dcccb36b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:36 GMT
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-length
147
x-request-id
1bf4c959-899d-11ee-b627-9a985b576922
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
0m_oiz4i1s0NhWCl5kAwHJThytHdyrghGKviowR2E90SNvW_-sIUPg==
908459
api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/908459
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:36 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
rf23UNg8pVP865_fp5_4XTQ-q6t7wFn7t562o6-Q-Od1AxGZSGzlJw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
33 KB
6 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
633967c8d74cf592ebb7ba7fb9bb2e305f1cba0c6321fa86a7b850f5b16fa0bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
C.Ak6kBXVIedEWgfFPis.li0mrcjHfYr
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"eba68fd1d6e00f025c7b6c5b7584d159"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
229053
x-amz-cf-id
8AG_sK1xKBDLdtGK4T0h4SdWSARIBuqR2uy278dsOpDXzK_Cr2D2HA==
175.js
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
138 KB
24 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/175.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a2425e8a1c28da595ca2691e04b33f4bd044372dad6abd3ac5caf6b4c8c106e

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
XkzBT7FQp.mKxlzEaE5LjnWZDcs4.dKo
content-encoding
br
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
229053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"9354dc5fa94d45c75b5d59d23e2111bf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
J3lzs-yd7ze8CX0bDib4uksLW_PNbbUuaaZD49WOhxqRAz9g7p9bYw==
open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
18 KB
19 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
3DigQa1vzROt94D2mp1Lr6POLKzOaWcb
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
229053
etag
"8d1c44b2bf75a4e6f1bd141f9a965f4f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
content-length
18664
x-amz-cf-id
m4KwqJNK0RNBMjVJu-GB9W6LBxTReUvRUb2GDdd9BXVhdCDfRrf_Kw==
fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame BACF
3 KB
4 KB
Image
General
Full URL
https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
m4hyVel7gQuV5CVeKdEwefAr7Yx3VJjs
date
Thu, 23 Nov 2023 00:34:29 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
2167
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:7f36743f-2da7-4da8-bdd2-972be408eb70
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d638594a4431fb92ce665bbc36a0fc3b
content-length
2962
last-modified
Mon, 20 Nov 2023 09:39:43 GMT
server
AmazonS3
etag
"b7cdca038062eecdc45c7351c6a539ad"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9c549b9aaf19a38afc86dda5fa45e8175aef1e696bf21c2aec180684e344f226
content-type
image/png
cache-control
must-revalidate,public,max-age=3600
accept-ranges
bytes
x-amz-cf-id
lz6dHl7608AoF_QdqSHugvDnWp2vGHFKZtivqnx4SUz1ISS9vZ9iIg==
icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
441 B
919 B
Image
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
3U91SDDOq8Cf.727QbuMTVPsAcKvknif
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
229053
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
441
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
etag
"e2760515a843a0256b4b810489b5426b"
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
ORTszDAXxkstK7Yu4p2D81y88RmoMdi4XEwyFt1EeGoiy5aY4yBuHA==
open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
18 KB
18 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
M7opExTSLWlEJDysS1xjmTVvQdusxhkH
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
229053
etag
"7271325623351f3cad9877d4dd9b2bf7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
content-length
18232
x-amz-cf-id
aDZ6F0Sq58s79vxK9lebOVltZJHjLYOVwzg0UaCJwKhZs9ylGwHh4A==
open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BACF
18 KB
19 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-6.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:33:04 GMT
x-amz-version-id
OJ5u16t5674TeXgmGo73npMuCSOHRom0
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
229053
etag
"d9dba5ac184a0a14655560abe5c4aa9b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
content-length
18628
x-amz-cf-id
14G7Ol4d370HAuXsJMzXhFx-0DSgR38r1zzT5mdZ0C2bDenm1_NMGA==
ads.js
static-cdn.spot.im/production/ads/tags/v22.6.1/ads/
218 KB
66 KB
Script
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6628bb38dbad40075efa498edab7f3583f6a7ef5d1ab05379b8bc102d56cc4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
SJGMNnUtOOtlfyFS4nl0AGa8xfzdB63s
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 00:24:01 GMT
last-modified
Mon, 06 Nov 2023 12:07:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
2796
x-amz-server-side-encryption
AES256
etag
W/"b739a886f99745a21efc3ca0109e0211"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
f3L9QvpDhp9BSj1Rg5RCFAxsAR0upvSinD2TcH4V19fTuuRv073mcQ==
ads.css
static-cdn.spot.im/production/ads/tags/v22.6.1/ads/
7 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aa34a54b7508314a0fec7604f3c0eafd8f7d51943eeb8f5297ac0e81dbce9da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
fqS2N.nzd4nYP3s7Ow7oQSNlth0xsyLb
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:25:02 GMT
x-amz-cf-pop
FRA60-P5
age
60335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 06 Nov 2023 12:07:33 GMT
server
AmazonS3
etag
W/"cecbe9ed24a9a79c82fdfb53196fdedb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
mpHO12TW_fS64ZJ2w72cXmXQBfdXKrYGFbBysiCOd5Q9ICMK6pvJVg==
sp_BbylgSbK
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Thu, 23 Nov 2023 01:10:36 GMT
server
fasthttp
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
Gs4HNLOQGVFnGV434IsehWyL5k8a7196Qb5d7oZjzZfZU_O5U3zp3Q==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
authenticate
api-2-0.spot.im/v1.0.0/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:36 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
XabObX8CiDqXXMH0NMZBI7N-TwXbsFGhKp8UgYXJBcBq6AJSsfsdrA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
sp_BbylgSbK
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/
25 B
807 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_BbylgSbK
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:01:42 GMT
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
534
x-cache
Hit from cloudfront
content-length
25
x-request-id
dd928822-899b-11ee-88fb-3aa053d4a1fc
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
H6ZMxBvZwt165nPIJ09DxHmX7JHf1-2JuJl7gsqFAvbK4tl-5G5Ivg==
authenticate
api-2-0.spot.im/v1.0.0/
350 B
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
bfece4033042c3537d96a8ca45d9b8bba03ac119f8a5ee994c6bbe96d42f56f4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_BbylgSbK
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
350
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc
x-request-id
1c1d13a1-899d-11ee-866d-824d587533ec
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
42LOAeui0D0Dvok-v_En508o9przrJpI9vYKXRu_euCoWAQlbcCo2Q==
918-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
137 KB
35 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/918-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94472b67a72a6e77e8421965e7cc558f19aed093e270e4609fcb37026e77ed13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:01 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
grQcC69CsL9uHWBeYFP7oRcgitYxGpfg
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34928
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"d1ffea3e241c3ee17ad7fc94522b1521"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HoaKuKyZpSQAaZK6t7UBgqDWPmpkTXliIeDoM1WbDQ4DQpXVJdsVeg==
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
393 B
696 B
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/with-all-vendors-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:01 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
cJbMl2nHPrskNL4JkStBdE6bYUIo5oDu
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
218
last-modified
Thu, 16 Nov 2023 15:24:44 GMT
server
AmazonS3
etag
"9eeb9df073fd3a68df33c4f1d4a24d85"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rSkCLH4dJG9xJxEgbTNxDyU1FCCLI9mvUcCg2x4FQCqqfBofvAM_HA==
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
9 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
32hS.RBMYjRJOhJIkplNDK6gFFgCDEu6
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:12:02 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
61114
x-amz-server-side-encryption
AES256
etag
W/"5ed2b7717eecaf3c14602f5dc04ecb95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
tYS6yA947d7KL7zbvCNfaYmA9YyfGlVAA3V4gCyNY-T9ABnqXSGcIA==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:36 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
nOHX-DRysYtKlaTUhIALyneyVvo9y1HvMoWMt95Juv84UcZC3VeguQ==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/
29 KB
4 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
c419aaec18698bd737e6303abe5f7c5268c5f2c85cca51840f76ed947c1dd2e8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
null

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-request-id
1c4048a2-899d-11ee-9414-dab73f7d0de6
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
31FCPm4Vc72_KBt5I4Mr7slwMgUs9_d_88OXXBbWGp97ODWQ6u1wdg==
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
4 KB
1 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
bY774YUmW8n66LnNOzGqrd8DooB2kC._
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 00:06:08 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
3869
x-amz-server-side-encryption
AES256
etag
W/"111210e416d2b6b3a5edb5d643e9ca52"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
sIkePcLk9pzwPnZegJ4ZdSfLXcSYnqFmK9wJpIHCd2P8GGo3EW9fog==
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/
155 KB
46 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/popular-in-the-community.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05607c46a0e139efa15b9f19a19b5c497fcf2bf908caab0a36ad2f51203dee5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
e44mf7gjXlm4yDY_.HpJ.x27iuDUa1UV
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 10:13:58 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
53799
x-amz-server-side-encryption
AES256
etag
W/"cace8c0e4f8db88bbc4ee3b009397e04"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
HQ0kBYdqIyXwxhZwzkS1vX91UFsAACrHQwoAmp2IpCseGApqrbwLqA==
pitc-boot-next.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/
5 KB
2 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/pitc-boot-next.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bfbc44f1fd50ccbd8686d846b4b6d7c0ebb74ce8e3d2c1eb677964dcfb97cb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
GUzoYw6MZj7s2VDisPzLsUtUwT5M8lVc
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 01:42:12 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
84505
x-amz-server-side-encryption
AES256
etag
W/"31dfb9dd54d8e55ccee2a299b6aaa2db"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
FyoxeKX7PL0RzLHbDew407pErqi2lJNEWhVRfb6x-4fIl4v7bHugbg==
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
268 KB
75 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
0bzDV2sV_STMMrRM496SmRZW_NGJvE71
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 10:09:38 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
54059
x-amz-server-side-encryption
AES256
etag
W/"65b6fded5f4ad8a82780bdb8f6a581a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
KbNv_3ZF3_plG4S_jrSJTfrZsLH6ObAsKeMdr56l3zGVtPrp06O-ew==
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
67 KB
16 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
rAZ0xk39cnV7PZLcLnnzHbwBbdgEvTt7
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 10:08:05 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
54152
x-amz-server-side-encryption
AES256
etag
W/"5f391ab0d2d171dead272dafdae8a422"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
05PsvWyI_-yyDIM2XjIwa5GvHjjbaLFzm5qbwuFEBPsUXhyX5Z03PQ==
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
15 KB
5 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
hDrcsWlaXjkDR40VRzuVHy7k_TIYQoII
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 00:09:38 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
3659
x-amz-server-side-encryption
AES256
etag
W/"21317135d3f4011c632887268f914c9d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
er7g97KxeB8hjvpBF9yxxvgfpamaFLJ7Hp3cocbjD47XMsWMG1qV1g==
pixels
pix.spot.im/api/v1/
0
230 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-84.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
GOxAdgzqrNQevpuKGp6GlyZ1Mfm0U7_I43y8tLMpqySrjpUXsfVADw==
styles.css
static-cdn.spot.im/production/notifications/tags/v1.23.1/
236 KB
17 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
RW0xnZVefRKltbgJ8C0qyOyTyPYl0n_4
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:01:01 GMT
x-amz-cf-pop
FRA60-P5
age
61776
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
etag
W/"2801fd94aff85ac1d89a06bbb56ed91e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
cdtYThtBLgSWyn3LgnIWMavKTzOMYT9FWexXNJkvswDVJNzegSH-aw==
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
51 KB
16 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dcba414b1c25f5aee596e1838649955c29208028df62248eaa9cf57394ad70c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:23:51 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
9dK5GCXcI1U3T19usa0ArvfyzUj4yDR.
x-amz-cf-pop
FRA60-P5
age
492406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
15648
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"2a6027cedb0272aa31fce0f994db598f"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f6wQ489OZtMTZA_I2LtQKpEbqH2s0C355XRJkVAPbY90V1LeLxOCxA==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/
3 KB
1021 B
Image
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:01 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
PvVFfI9mHsbhHYu8DHY2kxGHkkfQiP6Y
x-amz-cf-pop
FRA60-P5
age
325716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
549
last-modified
Thu, 16 Nov 2023 15:24:43 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
o4jCwxj1d7tc1RFHneYwQdBPhfaEFOvEJD0Iuz6vdA3ITFkWDl509w==
352.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/
71 KB
25 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/352.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0828ffd7a28dd19d418cbc4101f7ecbfd9fbee640afc279728ce91122ece4ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
uPx3DwZhgzN90x5g0549RgVZb0bgjuSO
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 10:14:05 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
53793
x-amz-server-side-encryption
AES256
etag
W/"076a67a8f518834cafdc520e1c927d61"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
vTVCp2wCijtVbzw3gdeAWz8m9reX6G-n6fKKbDLm0sj1JrsCD0Gj7A==
963.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/
26 KB
8 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/963.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abe87445e2b7af2e7621b6d388e56c6bc6a480b07730e8e0288dcf5044a36912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
1nvNiZJfvWzhCTEhZvVHYRV2qhOHecpH
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 07:30:23 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
63615
x-amz-server-side-encryption
AES256
etag
W/"b9a36528a7a7d8c95c2ad68977c31e56"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Qghg8kB4IhgQkIuyXpyF3mUJx9n1NTwYU4pegNihXiIj1MYgawxkbA==
963.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/
18 KB
3 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/963.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Kza1bzCnv1Jra2COXI_tFSAouOlZ3fXq
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:24:04 GMT
x-amz-cf-pop
FRA60-P5
age
60394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
etag
W/"60e07ba3f7bef94388f0baafe0a17a75"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
jbeWvTbhNeR2nG71Wznrhs0qyveqQXBrDTb3kEc8MxGD5pUCmVO2Qg==
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
37 KB
6 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/styles-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f449541930dc8900ab0217a894713d3ec86f5b3383663b3f618a939963c6ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:23:52 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
DVteF052AvTiii0qawcuwsYTiNetJxos
x-amz-cf-pop
FRA60-P5
age
492406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5647
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"98f80de8d695445b6816476378d56810"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GlIJOydyEpIWLWvMZd7igUIJYueW42uUaxALT_bRzqO8XGTBD5BvIA==
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
378 KB
97 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
354c4b1a9535b7673c1157272e3cd0f1f067d9a882361fa3d74f9f2f2ecda958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:23:52 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
uAeHUFZx1k.4s8QYl4UPdBbZP2B8cLoa
x-amz-cf-pop
FRA60-P5
age
492406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
98716
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"31933a0a4f4a23cbe7bc3c1e761e089f"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OMzAqPBq0bD3dy-FZcEa6Zksz5_lL8ecCxBh_2gIaAvjTh5RZT1FcQ==
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
139 KB
37 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea55154ff0a67115c641dc001115d6983429c0b875a0908f3ea440d7e1254ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:23:52 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
ITAsvaJHmsKXRvCj0CD5FTdicIcX_8Fl
x-amz-cf-pop
FRA60-P5
age
492406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37640
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"317340a3ac746eb91ccf2450295e3907"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
a6pWoX8PBjkqMwuVD3WTLfZejDE6YIZDGpC43JonHqklYCHhZ57amQ==
app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
38 KB
12 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d174561c4b954fc0c6ccf7fe2732844cd18adf641d02ffc016b4a056eb845420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:22:18 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
vaFyf7qWrBlgEKQfWNuhwduB3CHdXj9W
x-amz-cf-pop
FRA60-P5
age
211700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
11647
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"e6b01d258999044cf81e0fc8310d191d"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WO-P1ulrIUXuL3u4JUCSCVi0aZS1Qexukd2gI3v7v6fZF1A5aRuf0Q==
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
9 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-boot-next-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be160224ca14cdd17bc30739c6f854d3b127ba64b47066279e59de81bf618a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:01 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
cJpralWbL1dAbYGjG0njwXdNPa8jqWYC
x-amz-cf-pop
FRA60-P5
age
325717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3174
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"91753449637f142784e6986e17b898b3"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lgfjY3mHR5S6DKecXuIwDYEE7kfT-bOwcJvbONoTp-hJDdQ2oySKHg==
styles.css
static-cdn.spot.im/production/conversation/tags/v3.87.0/
667 KB
39 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8193fb2c907238ea55eada1094dc96084b405acc7b27b9f07a59485847fb74df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:23:52 GMT
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-version-id
U1KtaBvxDEzBGPhp3gVjbNukBf_z9QRw
x-amz-cf-pop
FRA60-P5
age
492406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
39061
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"53d2696aa2dfae100314ffa20ac84f62"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DE3lnuN20_cSRhgqLtHMFjfzXHFyjzeZ_1X2YcVZU1Vd7pNnVCtUSQ==
matomo.php
mtm.shefinds.com/
0
146 B
Ping
General
Full URL
https://mtm.shefinds.com/matomo.php?action_name=Doritos%20Chips%20Are%20Being%20Pulled%20From%20Grocery%20Stores%20Due%20To%20Undeclared%20Ingredients%20-%20SHEfinds&idsite=2&rec=1&r=592858&h=2&m=10&s=36&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_id=e4ffd1488dcd76c4&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4S0OUQ&pf_net=63&pf_srv=995&pf_tfr=16&pf_dm1=1211&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: mtm.shefinds.com
URL: https://mtm.shefinds.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PHP/7.3.28, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:27 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/7.3.28, PleskLin
matomo.php
mtm.shefinds.com/ Frame 3976
0
146 B
Ping
General
Full URL
https://mtm.shefinds.com/matomo.php?action_name=iframe-modal&idsite=2&rec=1&r=813073&h=2&m=10&s=36&url=https%3A%2F%2Fwww.shefinds.com%2Fiframe-modal%2F&urlref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_id=e4ffd1488dcd76c4&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4Zbi7l&pf_net=0&pf_srv=215&pf_tfr=1&pf_dm1=718&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: mtm.shefinds.com
URL: https://mtm.shefinds.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.126.111.33 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li368-33.members.linode.com
Software
nginx / PHP/7.3.28, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:27 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/7.3.28, PleskLin
pixels
pix.spot.im/api/v1/
0
227 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-84.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
rP-buhbx2OWvJRK9z-N3sW7eIcl1O2Uwm8bes8qewKYR4pWdvM42DQ==
async
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:37 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
6HL1CKfRk-c3gGY2HeQjA54ZWNjPK86YLsBYBzjI5A7ecOw6ysFeiQ==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
async
api-2-0.spot.im/v1.0.0/conversation/
3 B
2 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
3
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1c88b66a-899d-11ee-a5e6-6af9b23f3d68
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
v89PESMWxoox-3XUxwMSTi-gsysC5UDLVS06YBa3GcIuJ0e2k-oZrA==
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
667 B
884 B
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/ad-container-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:03 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
_TigWZDO6QGBdkdZkvrC.0VVwSQABjjD
x-amz-cf-pop
FRA60-P5
age
325715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
406
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"e4fdb5f82b0df9e0b3d49f784d351444"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qYRHJtA8fc2QyL7EMmHT9xf3jVhRaCjQRlSJdu8Cmvlx_BEhWxaM9w==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:37 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
Tao6pTMjxgAWzvtIzBdPt4GmsT0oNHrNpUr99Y_Ftu6gBW9WF7YGYw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
59 B
859 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
6c4963d23c51a039a86838e86d360f4e715a5bfd03f8e8e4963cec537eb8ded8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
59
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1ca6c423-899d-11ee-bef8-be402cff3d60
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
x-amz-cf-id
RyItP8_vNgL5xo4u2oBcbUBkbsTOXhy0UQaD9WP5PGcOq_zU_YEs5A==
read
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:37 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
Ul7HxGJNx4uwV0dLkURhXlTp_JPahUp_r1iUsJj1qu_g3pWqM-g9fQ==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/
737 B
2 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
eb3f7ec2c09e15dbbff1fd0d37dbcbe3e1831e7c99367dd844b82fa6d7aedc55
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1cbd3174-899d-11ee-a3ce-428a314ce1bf
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
Obfq5OjCfjv-DYHeje1mK9iyt8yGnzo7ZzTWJFAFO-gCl3uAmMbw5A==
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:25:55 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
53083
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
pfD5cpwZoINFpRm6735wnvjEpZl_2WyE6xHoElHmmMxjO6I-rhu6oQ==
908459
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/908459
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:37 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
FEq9sKBu-AqpHpY0hlsdMSZBvEIngc_DmtkFiLWnzs-mRdyyBDQgkw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
908459
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/908459
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:37 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
bMeOgUDsRZ17V4UVyx8b6tFRHpqXgTRtLWAqaK3E2KeRVKmEzxasPw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
908459
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/
38 KB
11 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/908459
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
31a0c396eeb4303afe043c14ca0c26e3efb383db9571c3021228468c34cb0724
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1cae0307-899d-11ee-a099-72a41ab330fe
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
vpP7WkbD-BoZKk32SmiOorC-KQuFbmMosVNdhpbAzsKchrIPXLh2GA==
908459
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/
38 KB
11 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/908459
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
31a0c396eeb4303afe043c14ca0c26e3efb383db9571c3021228468c34cb0724
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1caf2852-899d-11ee-9228-ce38c06c3cce
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id
XS2qr-xsDIbOeByVTIYw2gwl-x0lx7UFw1R0ojy4SxECypGV8OKOXw==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BE3E
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:50 GMT
x-amz-version-id
4wJUii6vgZHbWIuFpSJC_DClvsTnqx1T
content-encoding
br
last-modified
Sat, 30 Sep 2023 14:56:12 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2688
x-amz-cf-id
iYzmXvfV_HyVsnyggfYqhF6XY0Zp2zlw0f6DBIcMj0BdX7gIUk-B_Q==
hb_270443_610.js
player.spotim.market/prebidlink/472417/ Frame BE3E
1 KB
1018 B
Script
General
Full URL
https://player.spotim.market/prebidlink/472417/hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6acdbc137bcb42eb192ecb4b7f44e294caedeb17b71aee0d2bd3179db6a9b4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-5ff"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BE3E
98 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb292d07922eec50918b939491aed7f545e7c3668af756619dc472cc0a8be8c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30438
x-xss-protection
0
server
cafe
etag
316 / 19684 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:10:37 GMT
wrapper_hb_270443_610.js
player.spotim.market/prebidlink/472417/ Frame BE3E
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/472417/wrapper_hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fa9287ab474c0ff4ee70e1c3aa357e5e6fd79acfe9d51a76e4f573b7b7f7f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-9f7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4B51
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:50 GMT
x-amz-version-id
4wJUii6vgZHbWIuFpSJC_DClvsTnqx1T
content-encoding
br
last-modified
Sat, 30 Sep 2023 14:56:12 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2688
x-amz-cf-id
4LMOHijBgdELlYmyoK6qe4Ea5eimph7HL_e-TqI5Ga0mUFyKXRtxJA==
hb_270443_610.js
player.spotim.market/prebidlink/472417/ Frame 4B51
1 KB
1018 B
Script
General
Full URL
https://player.spotim.market/prebidlink/472417/hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6acdbc137bcb42eb192ecb4b7f44e294caedeb17b71aee0d2bd3179db6a9b4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-5ff"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4B51
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8484be3a358cf9146880edfb2f879e72ee66cd535a4ca8d1b7f4a2ecaf52758f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31494
x-xss-protection
0
server
cafe
etag
937 / 19684 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:10:37 GMT
wrapper_hb_270443_610.js
player.spotim.market/prebidlink/472417/ Frame 4B51
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/472417/wrapper_hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fa9287ab474c0ff4ee70e1c3aa357e5e6fd79acfe9d51a76e4f573b7b7f7f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-9f7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:25:55 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
53083
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
vKMcaf01rePpUpArO7BUULy-Q1zSyrmHJuge0A6caUrXMI-DVIEVzg==
player.js
player.aniview.com/script/6.1/
39 KB
14 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
95bdb044ac1a7997502d29d7afdb09982d9d761043eb48fc4f9bcb94b24cfb97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpWaOiUJsOp4ujH1OU7fRCyijNwIgcQkUS8yVBlJQMZSQghq_l5j-NfahQ0z3FhpDTsquRw658xSg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
13552
last-modified
Wed, 22 Nov 2023 07:05:34 GMT
server
UploadServer
etag
"0110a2bff466c6f5f9af966de34570f1"
vary
Accept-Encoding
x-goog-generation
1700636734725184
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=TLqwBw==, md5=ARCiv/RmxvX5r5Zt40Vw8Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
13552
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:20:37 GMT
pixels
pix.spot.im/api/v1/
0
228 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-84.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
tzcvBRqcjSM9hbwIrwCMkXykR_L1Tev7f4fc9v7HbK2YgaHliQZSzg==
track
track1.aniview.com/
0
143 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&e=playerLoaded&cb=1700701837579&r=https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&e=playerLoaded&cb=1700701837581&r=https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads.css
static-cdn.spot.im/production/ads/tags/v22.6.1/ads/
7 KB
2 KB
Stylesheet
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aa34a54b7508314a0fec7604f3c0eafd8f7d51943eeb8f5297ac0e81dbce9da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
fqS2N.nzd4nYP3s7Ow7oQSNlth0xsyLb
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:25:02 GMT
last-modified
Mon, 06 Nov 2023 12:07:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
60336
x-amz-server-side-encryption
AES256
etag
W/"cecbe9ed24a9a79c82fdfb53196fdedb"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
1FWzjR-Df8LiPJvbjiyNny7a2tmaI7F4rDN3o9RTi9_wgjZUZ7JMOw==
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:25:55 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
53083
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
u1UfyxUErUMzC6ZJMRMlC_-Al9C59aw_eDBJsbs-bzYau2mWa8YFjQ==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame F38E
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:50 GMT
x-amz-version-id
4wJUii6vgZHbWIuFpSJC_DClvsTnqx1T
content-encoding
br
last-modified
Sat, 30 Sep 2023 14:56:12 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2688
x-amz-cf-id
i_Zlv-1faqKb2MBwpyex2la-kc6Xhvt3f52jO1xgTIu-CS_9TUTjwQ==
hb_270443_610.js
player.spotim.market/prebidlink/1207806157048/ Frame F38E
1 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/1207806157048/hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6acdbc137bcb42eb192ecb4b7f44e294caedeb17b71aee0d2bd3179db6a9b4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-5ff"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F38E
98 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61bd8749933e2a9488be8ca1bcf799898eed05c9cb4029aca7ed711288edb75d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30436
x-xss-protection
0
server
cafe
etag
383 / 19684 / 31079694 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:10:37 GMT
wrapper_hb_270443_610.js
player.spotim.market/prebidlink/1207806157048/ Frame F38E
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/1207806157048/wrapper_hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fa9287ab474c0ff4ee70e1c3aa357e5e6fd79acfe9d51a76e4f573b7b7f7f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-9f7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
MISS
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.6.1/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:25:55 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
53083
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
QK1KJBSHKs3ShWE_pNBoN_te-KIoH0tc05Ak7Z6P8KlatD2aBNmq2A==
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=60acbabfd11d982b09533bb5&e=playerLoaded&cb=1700701837640&r=https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BE3E
445 KB
139 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0613995406f04b7c009012e2fb47977324e204f63ad3772049eac8ee4326655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:49 GMT
x-amz-version-id
o5v9nCjK2Trp53KPVPhxcYq9u2udEHmS
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:47:00 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"dc95d05a728beddbaa77e9815cd32850"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2689
x-amz-cf-id
ygv-WuYrN78wLNBW-v139XJQyWw55fUJ-JKRFop5Ml7ktrnTnr-Ogg==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4B51
445 KB
139 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0613995406f04b7c009012e2fb47977324e204f63ad3772049eac8ee4326655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:49 GMT
x-amz-version-id
o5v9nCjK2Trp53KPVPhxcYq9u2udEHmS
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:47:00 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"dc95d05a728beddbaa77e9815cd32850"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2689
x-amz-cf-id
1yrqsMYO974CMeFFYZXZJUTzdnsU9zULOikOdcfZ9vz9XTJmWhH5CA==
hbp_master_270443_610.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame BE3E
495 KB
157 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1bce3a073420ffcbf5ed7001270d7ffa577899b47c0632be0bcaaf3999ff4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 15:35:17 GMT
server
nginx
etag
W/"655b7cb5-7bc68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_610.js
player.spotim.market/prebidlink/5HLlE/ Frame BE3E
221 KB
53 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2fd6d2f21d1ce1a965ef59dee0926b40f0b07c3f94d6780b22c4263c398e4d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-372e1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbp_master_270443_610.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 4B51
495 KB
157 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1bce3a073420ffcbf5ed7001270d7ffa577899b47c0632be0bcaaf3999ff4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 15:35:17 GMT
server
nginx
etag
W/"655b7cb5-7bc68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_610.js
player.spotim.market/prebidlink/5HLlE/ Frame 4B51
221 KB
53 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2fd6d2f21d1ce1a965ef59dee0926b40f0b07c3f94d6780b22c4263c398e4d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-372e1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame F38E
445 KB
139 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0613995406f04b7c009012e2fb47977324e204f63ad3772049eac8ee4326655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:25:49 GMT
x-amz-version-id
o5v9nCjK2Trp53KPVPhxcYq9u2udEHmS
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:47:00 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"dc95d05a728beddbaa77e9815cd32850"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2689
x-amz-cf-id
nevh-HmGPhB_maL5KP31ok3MWHdVQvHTn6dWKZyEm3aUH3zApNl3OQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame BE3E
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
34039
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 15:43:18 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 4B51
429 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
52320
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 10:38:37 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 0FF1
456 KB
131 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7231a226beb47df9d7fd239300acd08e7a625da4515e6cdd96d779e463c7c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpuLtO0eNPf4uXJuCp-gCz9NJYukVS7aw9APvUKcT8KGPKWbbxF3ejiJJbEjF8iJbOhDgtp5i1AuS5aWvvsNYVhEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
133295
last-modified
Wed, 22 Nov 2023 07:05:34 GMT
server
UploadServer
etag
"db22673e5bd08d9b6cdfaa9142c9ba84"
vary
Accept-Encoding
x-goog-generation
1700636734350182
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=jlBObA==, md5=2yJnPlvQjZts36qRQsm6hA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
133295
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:20:37 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 91A5
456 KB
131 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7231a226beb47df9d7fd239300acd08e7a625da4515e6cdd96d779e463c7c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpuLtO0eNPf4uXJuCp-gCz9NJYukVS7aw9APvUKcT8KGPKWbbxF3ejiJJbEjF8iJbOhDgtp5i1AuS5aWvvsNYVhEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
133295
last-modified
Wed, 22 Nov 2023 07:05:34 GMT
server
UploadServer
etag
"db22673e5bd08d9b6cdfaa9142c9ba84"
vary
Accept-Encoding
x-goog-generation
1700636734350182
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=jlBObA==, md5=2yJnPlvQjZts36qRQsm6hA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
133295
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:20:37 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 1AFE
456 KB
131 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7231a226beb47df9d7fd239300acd08e7a625da4515e6cdd96d779e463c7c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpuLtO0eNPf4uXJuCp-gCz9NJYukVS7aw9APvUKcT8KGPKWbbxF3ejiJJbEjF8iJbOhDgtp5i1AuS5aWvvsNYVhEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
133295
last-modified
Wed, 22 Nov 2023 07:05:34 GMT
server
UploadServer
etag
"db22673e5bd08d9b6cdfaa9142c9ba84"
vary
Accept-Encoding
x-goog-generation
1700636734350182
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=jlBObA==, md5=2yJnPlvQjZts36qRQsm6hA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=600
x-goog-stored-content-length
133295
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:20:37 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame F38E
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 19:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
21517
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 19:12:00 GMT
ping
api.viglink.com/api/
310 B
759 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.75.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-75-63.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
81280429eeeaf0ccf8c1d1f0fc88a2ee1ac2bc3fb4726cdc4b205a9291a47a27

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.shefinds.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
310
Expires
Thu, 01 Jan 1970 00:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame BE3E
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:20 GMT
server
nginx
etag
W/"655ded90-83b"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame BE3E
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:43:51 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1607
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
3aevqipVCWeygio_WqF0Tph7goTx7ZL2gymDLP90c2dVg4ZJYwrdWA==
grumi.js
rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/ Frame BE3E
445 KB
138 KB
Script
General
Full URL
https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd69d14dc481a8975c0ab1f770daee7d7d44bfb3b502cc5d2851ae3a51b63a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:26:08 GMT
x-amz-version-id
._djAAUHXi3Yz1_jQWpJ42vuOIqnEQEu
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:48:24 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"43c209663a33b62a3dd92c075f516874"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2670
x-amz-cf-id
58hrxt8JIQWVVAaSb7zbd5PmDXJvhkGuHh4WI9C-bclm-l1hjCzARQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4B51
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:43:51 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1607
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
UCADth__7yIWhm4KafGpgIoAmEbwHQ9mjeA2YTHYvy2elZ88keClXA==
grumi.js
rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/ Frame 4B51
445 KB
138 KB
Script
General
Full URL
https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd69d14dc481a8975c0ab1f770daee7d7d44bfb3b502cc5d2851ae3a51b63a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:26:08 GMT
x-amz-version-id
._djAAUHXi3Yz1_jQWpJ42vuOIqnEQEu
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:48:24 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"43c209663a33b62a3dd92c075f516874"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2670
x-amz-cf-id
19RIT5nQc7oLfjJ84-3s178-lUVWOplul-ZjINkQklGN4DTGqgWvdQ==
/
ghb.spotim.market/geo/ Frame BE3E
148 B
420 B
XHR
General
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.spotim.market/adunit/ Frame BE3E
43 B
431 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=610&pbjsv=v7.54.8&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyokr.it&features=82016&vpbv=N200&lifecycle_tte=366
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.annocdn.com/prebidlink/19684/ Frame 72D4
1 KB
888 B
Document
General
Full URL
https://p.annocdn.com/prebidlink/19684/j.html?i=11594
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:37 GMT
etag
W/"620bee41-43d"
expires
Sat, 25 Nov 2023 01:10:37 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
/
ghb.spotim.market/geo/ Frame 4B51
148 B
420 B
XHR
General
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.spotim.market/adunit/ Frame 4B51
43 B
431 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=610&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyolw.9g&features=82016&vpbv=N200&lifecycle_tte=346
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.jcontentcdn.com/prebidlink/19684/ Frame CF42
1 KB
888 B
Document
General
Full URL
https://p.jcontentcdn.com/prebidlink/19684/j.html?i=11595
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:37 GMT
etag
W/"620bee41-43d"
expires
Sat, 25 Nov 2023 01:10:37 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
hbp_master_270443_610.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame F38E
495 KB
157 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1bce3a073420ffcbf5ed7001270d7ffa577899b47c0632be0bcaaf3999ff4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 15:35:17 GMT
server
nginx
etag
W/"655b7cb5-7bc68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 4B51
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:20 GMT
server
nginx
etag
W/"655ded90-83b"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_610.js
player.spotim.market/prebidlink/5HLlE/ Frame F38E
221 KB
53 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2fd6d2f21d1ce1a965ef59dee0926b40f0b07c3f94d6780b22c4263c398e4d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:37 GMT
date
Thu, 23 Nov 2023 01:10:37 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 23:40:17 GMT
server
nginx
etag
W/"655e9161-372e1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
truncated
/
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
go1.aniview.com/api/adserver/tag/
57 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc_dd&AV_CDIM4=69e8c91c-0d7c-450e-895d-53585b4e0e45&AV_CDIM5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.6.1&AV_CDIM11=A&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_DNTCHECK=1&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=3&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.143&responsive=1&sver=4&avtoken=837960&omv=1.0.1&clsid=dff1091c-ad04-4a80-b7ee-3b6e5265284d&rando=92&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1700701837963&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.0.146.6 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
ba4becbca672e57fc53fda209b9497b26a0b1cfbc69f442074a4f3bb4cebe766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 11 Nov 2023 11:23:59 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc_dd&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.143&apppkg=&fv=3&proto=https&clsid=dff1091c-ad04-4a80-b7ee-3b6e5265284d&rando=92&pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&stagid=&stplid=&e=inventory&vi=0&cb=1700701837962
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/
58 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=69e8c91c-0d7c-450e-895d-53585b4e0e45&AV_CDIM5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.6.1&AV_CDIM11=A&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_DNTCHECK=1&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=3&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.143&responsive=1&sver=4&avtoken=837976&omv=1.0.1&clsid=d82a2067-1738-4e09-85ee-f8575934c503&rando=13&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1700701837976&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.0.146.6 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
5448767f1bf7f903cca0dbaeba86a07d89f36c103d48e36421d084ce240fd0bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 11 Nov 2023 11:23:59 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.143&apppkg=&fv=3&proto=https&clsid=d82a2067-1738-4e09-85ee-f8575934c503&rando=13&pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&stagid=&stplid=&e=inventory&vi=0&cb=1700701837976
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync.js
api.viglink.com/api/
43 B
390 B
Script
General
Full URL
https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.75.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-75-63.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/
43 B
390 B
Image
General
Full URL
https://api.viglink.com/api/sync.gif?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.75.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-75-63.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hbw_master_307825_11594.js
p.annocdn.com/prebidlink/y19684/ Frame 72D4
123 KB
41 KB
Script
General
Full URL
https://p.annocdn.com/prebidlink/y19684/hbw_master_307825_11594.js
Requested by
Host: p.annocdn.com
URL: https://p.annocdn.com/prebidlink/19684/j.html?i=11594
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
165196e5cd4cae25ba97ba908ea650fde4c87a78279ff5d4a33c38024d7b9e6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/prebidlink/19684/j.html?i=11594
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 16:29:59 GMT
server
nginx
etag
W/"655b8987-1eda6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sat, 25 Nov 2023 01:10:38 GMT
hbw_master_307825_11595.js
p.jcontentcdn.com/prebidlink/y19684/ Frame CF42
123 KB
40 KB
Script
General
Full URL
https://p.jcontentcdn.com/prebidlink/y19684/hbw_master_307825_11595.js
Requested by
Host: p.jcontentcdn.com
URL: https://p.jcontentcdn.com/prebidlink/19684/j.html?i=11595
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
07ba114757fb383a3fcd2329b7844e5582700f652c3664a5058e65f52bf308ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/prebidlink/19684/j.html?i=11595
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 13:00:55 GMT
server
nginx
etag
W/"655dfb87-1eb3d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sat, 25 Nov 2023 01:10:38 GMT
/
go1.aniview.com/api/adserver/tag/
52 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=conversation&AV_CDIM4=69e8c91c-0d7c-450e-895d-53585b4e0e45&AV_CDIM5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.6.1&AV_CDIM11=A&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_DNTCHECK=1&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=60acbabfd11d982b09533bb5&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/60acbabfd11d982b09533bb5/www.shefinds.com&d36=6.2.143&responsive=1&sver=4&avtoken=838083&omv=1.0.1&clsid=8decdf0a-5e26-4569-9d1a-8392fe5c6a7b&rando=77&AV_WIDTH=948&AV_HEIGHT=533&AV_CCPA=1---&AV_DNT=0&cb=1700701838084&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.0.146.6 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
72d1b7839c0e3520a08b51b21071cdb388a474509bc887a2b1d3fbe59b5f2939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 11 Nov 2023 11:24:01 GMT
track
track1.aniview.com/
0
142 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=conversation&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=948&he=533&test=&d36=6.2.143&apppkg=&fv=1&proto=https&clsid=8decdf0a-5e26-4569-9d1a-8392fe5c6a7b&rando=77&pid=5e0e296628a061270b21ccab&cid=60acbabfd11d982b09533bb5&stagid=&stplid=&e=inventory&vi=0&cb=1700701838084
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame BE3E
537 B
803 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:35:19 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2119
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
og7pWFHnjdYnqb0uKJS2ufVuzh-Axih3fefYFWKlTYZMvS-g__Lshg==
config
c.amazon-adsystem.com/cdn/prod/ Frame BE3E
4 KB
5 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:53:39 GMT
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
8218
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
brgEFzH898fKxam6gGW_HJwBMD6Tqc120gmhSuxRIYTYu22zkNBxoA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BE3E
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 06:14:53 GMT
x-amz-cf-pop
MUC50-P2
age
68146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QD6B5zBnQCeLwOiLEQEO1aEVRPJlC1gSyA2gK5yz0tpLVAbisz_8Dw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame BE3E
23 B
357 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&pid=X0pSRVW4tE8ad&cb=0&ws=336x280&v=23.1108.2350&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1513243389139-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.219.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-219-30.bah53.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 71e2e03bef11cc0381cb2986b1b064b2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BAH53-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mZdktIotAJfQjNWqJlV2bKyACe4HorQ1jDhIGfZEAPArrc-mARkb8Q==
domains
api.viglink.com/api/
41 B
489 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.75.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-75-63.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
92ea371b097a7ecf7094f09b87fa16b74afd4c1d482c0aafd9b69f47d64a2df8

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.shefinds.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 4B51
537 B
802 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:35:19 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2119
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
vbB3-Mh3YgTX4errx31YYwyXinoVbaAliowSos6k3cyjkgnmQQXUMA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4B51
4 KB
5 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:53:39 GMT
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
8218
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
PT_BXHhvIPK9MuUgqOJ7jDuq4yF340n1nQcJ5p9onb8cyXQ-I260gA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4B51
23 B
356 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&pid=6SSL4iYCKyudA&cb=0&ws=336x280&v=23.1108.2350&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1513243389139-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.219.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-219-30.bah53.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 71e2e03bef11cc0381cb2986b1b064b2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BAH53-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
sIJ2XpGXqyUWbafIeB6NmcLVt0cilFYj6GXHb-pRslBDmWjC2rUGhg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4B51
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 06:14:53 GMT
x-amz-cf-pop
MUC50-P2
age
68146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Ih7bWV0c1EE8YfzZwPZHZzaGOcmf15JwGteb8Dr02hRRBdzwwjxMGA==
csyncs
ghb.spotim.market/ Frame BE3E
2 KB
1 KB
XHR
General
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=767137&aid3=767587&aid4=833229&aid5=839059&aid6=850952&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ebd470b764650210102d5e7f09e05ab1a4c2f355f0ce5737ce4431a34f79d93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
786
csyncs
ghb.spotim.market/ Frame 4B51
2 KB
1 KB
XHR
General
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=767137&aid3=767587&aid4=833229&aid5=839059&aid6=850952&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
fd43d3dcc18f9ee94050f3591a4aff438c71000950cee843eafe3cd9720ef692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
786
config.json
player.adtelligent.com/exchange_rates/279896/ Frame F38E
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:20 GMT
server
nginx
etag
W/"655ded90-83b"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame F38E
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:43:51 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1608
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dp1WfU5u7eHnGkqSvgKGjcM3wjQdo7w5gciKOH7MCXALg5nmvjZbLA==
grumi.js
rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/ Frame F38E
445 KB
138 KB
Script
General
Full URL
https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd69d14dc481a8975c0ab1f770daee7d7d44bfb3b502cc5d2851ae3a51b63a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:26:08 GMT
x-amz-version-id
._djAAUHXi3Yz1_jQWpJ42vuOIqnEQEu
content-encoding
br
last-modified
Wed, 22 Nov 2023 23:48:24 GMT
server
AmazonS3
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"43c209663a33b62a3dd92c075f516874"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2671
x-amz-cf-id
ce9kl_SitFiHd3e7D5gak66RagEyb9I6heeQbSMn9JrzUWsKeZNp5w==
hb_307825_11595.js
player.adtelligent.com/prebidlink/ex19684/ Frame CF42
2 KB
1 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11595.js
Requested by
Host: p.jcontentcdn.com
URL: https://p.jcontentcdn.com/prebidlink/y19684/hbw_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ef87125e3f6d1d7c2f83f656d6ff8e4a874a17673c832587e90cfa2eee7bcb05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 16:29:59 GMT
server
nginx
etag
W/"655b8987-603"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hb_307825_11594.js
player.adtelligent.com/prebidlink/ex19684/ Frame 72D4
2 KB
1023 B
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11594.js
Requested by
Host: p.annocdn.com
URL: https://p.annocdn.com/prebidlink/y19684/hbw_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6470613ca4a46ee2e14b1315f174db1726a06e40d0cd518aab5b4352930d128c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 13:00:55 GMT
server
nginx
etag
W/"655dfb87-603"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
/
onetag-sys.com/usync/ Frame A1E0
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 661D
132 B
349 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8c1c5ce09e1cfdd6e179fa798dec9b0324b3e79f4c78ee9c43d154f50fb5a66e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
csync
sync.spotim.market/ Frame 0487
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BG...
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
83c8b3dd-8879-4704-85f2-061e1043ef41
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
pixel
ap.lijit.com/ Frame 22B1
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
X-Sovrn-Pod
ad_ap3ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C38
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63916
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame A8DC
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://ib.adnxs.com/bounce?%2Fgetuid%3F%252F%252Fsync.app.copper6.com%252Fcsync%253Fredir%253D%2525%2525YOUR_COOKIE_SYNC_URL%2525%2525
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4B51
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 4B51
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1700701838373
  • https://ad.turn.com/r/cs?pid=45&rndcb=6331299860
  • https://sync.1rx.io/usersync/turn/8360122921520775269?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
43 B
476 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
date
Thu, 23 Nov 2023 01:10:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcba9f484fa84430497948bec57a29061003
content-type
text/html
csync
sync.spotim.market/ Frame 4B51
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%...
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
43 B
469 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169
usermatchredir
ssum-sec.casalemedia.com/ Frame 4B51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
43 B
343 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qjGMNSr86m9zJumTrkwXuPwPD%2FqyqGYdOZBVRO1YIxkkKhmueuAX8%2BxnUdqpZfNJYAPjZPdbPgSv%2BvISOe7%2BgdfjDqWsqPqqRLgyoGtzgEIicynb04fLU%2Bz%2FegsZSQBa0SbO061LTzoCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a58899ef4c3648-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAgY%2BbZzdssejCbz4oYdsoDTEE1SoVfKovtNG5UhkfFGQ26QGVAHWaiCpahvqZslHuGBq0ntEvUMwpQIU%2BDcXl12p4DGj9AkgVburZMC%2B3RzGCtJDQZ7N6D%2BiZ4Xisj21vcpyJqzEE3brQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
cache-control
no-cache
cf-ray
82a58899bf0f3648-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
csync
sync.adtelligent.com/ Frame 4B51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
43 B
466 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4nKL3oARGgzMvoM3DqNc283pQpzx7A0OJnxjBNx2nCLut6aZo1x%2BGSprPBp2%2BPnpQ5jQ8t98T8o5pgKWu0NPTXUj97GuYibIoiUz9isGXIf5lqe9jFYE2bch7A7c279Kd7Mb%2BsxUI5Tdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
cache-control
no-cache
cf-ray
82a58899ef4e3648-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 4B51
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
ghb.spotim.market/geo/ Frame F38E
148 B
420 B
XHR
General
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.spotim.market/adunit/ Frame F38E
43 B
431 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=610&pbjsv=v7.54.8&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyoxa.w6&features=82021&vpbv=N200&tte=689&lifecycle_tte=716
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.nodserving.com/prebidlink/19684/ Frame DAC9
1 KB
888 B
Document
General
Full URL
https://p.nodserving.com/prebidlink/19684/j.html?i=11600
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:38 GMT
etag
W/"620bee41-43d"
expires
Sat, 25 Nov 2023 01:10:38 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
csyncs
ghb.spotim.market/ Frame F38E
2 KB
1 KB
XHR
General
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=767137&aid3=767587&aid4=833229&aid5=839059&aid6=850952&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
740c0c7594e6e2a789241e22ca3f7172865ecf162966316f7ce72abca2bf32e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
778
tag
btloader.com/ Frame BE3E
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
52 KB
18 KB
Script
General
Full URL
https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68862c1f5de50b2e8d4b7793393282ef5b872d198523bd3c741aa254bacb463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Thu, 23 Nov 2023 01:09:13 GMT
server
cloudflare
etag
"654de7a8e799b1b2a17ab6da32bc527e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82a5889ceb2a368a-FRA
content-length
17869

Redirect headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
cf-cache-status
EXPIRED
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=shefinds.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
82a5889c1a43368a-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame BE3E
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 01:25:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame BE3E
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
68508
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
TrLWjm4OLc9AEeeAx29IONnSzMYBCJtl2fmCl8-cL3unCJNQ_6E_mA==
hadron.js
cdn.hadronid.net/ Frame BE3E
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_it=amazon&partner_id=471
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
611
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82a58899ee461e5c-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame BE3E
155 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
KAM9F7HCTESV6GKG
age
2972
etag
W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82a5889a19a99a0f-FRA
x-amz-id-2
GKR6tYuUyN7TINNVBkpKfUR7gsIHckZ0knLzils5vKEArSmP39Z9dm9bn7rdQ4c5NbLQeyunn3P9FKq75v7MHg==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame BE3E
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 23 Nov 2023 01:25:38 GMT
/
ghb.adtelligent.com/geo/ Frame CF42
148 B
421 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.jcontentcdn.com
URL: https://p.jcontentcdn.com/prebidlink/y19684/hbw_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.jcontentcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.adtelligent.com/adunit/ Frame CF42
43 B
434 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11595&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyoyc.le&features=16480&vpbv=N200&lifecycle_tte=462
Requested by
Host: p.jcontentcdn.com
URL: https://p.jcontentcdn.com/prebidlink/y19684/hbw_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.jcontentcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
ghb.adtelligent.com/geo/ Frame 72D4
148 B
417 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.annocdn.com
URL: https://p.annocdn.com/prebidlink/y19684/hbw_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.annocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.adtelligent.com/adunit/ Frame 72D4
43 B
430 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11594&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyoyh.3n&features=16480&vpbv=N200&lifecycle_tte=467
Requested by
Host: p.annocdn.com
URL: https://p.annocdn.com/prebidlink/y19684/hbw_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.annocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
tag
btloader.com/ Frame 4B51
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
52 KB
18 KB
Script
General
Full URL
https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68862c1f5de50b2e8d4b7793393282ef5b872d198523bd3c741aa254bacb463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Thu, 23 Nov 2023 01:09:13 GMT
server
cloudflare
etag
"654de7a8e799b1b2a17ab6da32bc527e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82a5889ceb3d368a-FRA
content-length
17869

Redirect headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
cf-cache-status
EXPIRED
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=shefinds.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
82a5889c1a41368a-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4B51
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 01:25:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 4B51
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
68508
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
e_WVQCGV45lxhNFNb-20Yo-bEuElAkaNuqH30ScgB9SLfJM0z_rwLw==
hadron.js
cdn.hadronid.net/ Frame 4B51
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_it=amazon&partner_id=471
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
611
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82a5889a1e6b1e5c-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4B51
155 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
KAM9F7HCTESV6GKG
age
2972
etag
W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82a5889a19ab9a0f-FRA
x-amz-id-2
GKR6tYuUyN7TINNVBkpKfUR7gsIHckZ0knLzils5vKEArSmP39Z9dm9bn7rdQ4c5NbLQeyunn3P9FKq75v7MHg==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 4B51
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 23 Nov 2023 01:25:38 GMT
vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-e88be4-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
51 KB
15 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-e88be4-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24cc446819c63f67b0e42cb62f581447d60af76d17f304dfddd31bde8108d137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:04 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
jj9dkQjeO0Aqndrf0AbQphkNOTbYCdl8
x-amz-cf-pop
FRA60-P5
age
325715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
15234
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"f2e138fdef26895cbe5cedd85f39406a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Z2-_LI3EN7YRpQ0kbWroybMHp36ChYvaLfyhynK7LEbeRIA7EXPvlA==
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.87.0/
117 KB
31 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-component-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a09b5e91316f95d3a2041a7afafb859b2d2c489e0edef49edb38ab467371c76d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 06:42:04 GMT
content-encoding
br
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
x-amz-version-id
9.Cma01EIusGrujWYnajV3duNeY1Cj2e
x-amz-cf-pop
FRA60-P5
age
325715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31344
last-modified
Thu, 16 Nov 2023 15:22:07 GMT
server
AmazonS3
etag
"956bae2c052d12bd104f0f9248fce1cc"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bdHTh33tDq9MWqOqKcrfpAdRajQyN2cbGAruW14lkLEM5UkFymo3OA==
csync
sync.spotim.market/ Frame BE3E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=1283715812
  • https://sync.1rx.io/usersync/turn/8288065327482847333?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
43 B
476 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
date
Thu, 23 Nov 2023 01:10:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcba9f484fa84430497948bec57a29061003
content-type
text/html
csync
sync.adtelligent.com/ Frame BE3E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjuTGgZKJt24TvbqFLAAA%261198
43 B
466 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjuTGgZKJt24TvbqFLAAA%261198
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hCasOnYf%2BgtLBeaXD9EXOCd8g8b1rIvvlZg%2FWHnoIHo1fl%2FAKo2VYn3EZGSmCsO6VOZeo%2FXMpBl%2BkGqL0imKFZ4fourr6owLsux08mCxCp7M0%2FhCHhSs1D8Q6d%2BYgD6PRen1yPfQO8yCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjuTGgZKJt24TvbqFLAAA%261198
cache-control
no-cache
cf-ray
82a5889a1a149954-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
csync
sync.spotim.market/ Frame BE3E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
43 B
469 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169
/
onetag-sys.com/usync/ Frame 5FB6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame BE3E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.spotim.market/ Frame 3E58
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4d1ec421-1b6a-4da6-b74a-542a22b8fee7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
pixel
ap.lijit.com/ Frame A7F1
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
X-Sovrn-Pod
ad_ap3ams1
isyn
prebid.a-mo.net/ Frame 59D7
132 B
255 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8c1c5ce09e1cfdd6e179fa798dec9b0324b3e79f4c78ee9c43d154f50fb5a66e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:38 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usermatchredir
ssum-sec.casalemedia.com/ Frame BE3E
43 B
751 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry7QjXgN0DhEBPCsOc5s0u8OiB0FhpcqP5wPPTkLEahSIAubW9wl%2FSraJEo2wRgKOoo1wN%2BvBPxE%2Bnwm%2BdQrHChfze8ZEQNR%2Bvw5p0ADikZQeKBkwyAoy7dCKqpjXdXyIdu0%2FOU89dmv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a58899ef493648-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76B0
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63916
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame 485A
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BE3E
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:37 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
btn.js
d3r7h55ola878c.cloudfront.net/btn/1.0.2/
0
0
Script
General
Full URL
https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1700701838386
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638309596900002776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-62.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

csync
sync.spotim.market/ Frame 661D
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
c1e8d2b888007907
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 661D
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a5889a5a5a3a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:38 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F38E
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame F38E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=3244697517
  • https://sync.1rx.io/usersync/turn/8432180515558703205?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cba9f484-fa84-4304-9794-8bec57a29061-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-cba9f484-fa84-4304-9794-8...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
43 B
476 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-cba9f484-fa84-4304-9794-8bec57a29061-003
date
Thu, 23 Nov 2023 01:10:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcba9f484fa84430497948bec57a29061003
content-type
text/html
pixel
ap.lijit.com/ Frame AD08
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
X-Sovrn-Pod
ad_ap3ams1
csync
sync.adtelligent.com/ Frame F38E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
43 B
466 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LoX8D8P8vUI2L%2BlBNcwRdSOzBrpvP6savj7U%2BlHZsL%2Fuv9uya0yQ5nj2daLdvulDd92JE3jYVrTDJqzb%2BircmG%2FacA0DEdcrmM%2B7w1iMtrgOY4O5Plbiho3ZS99dTbMf%2FJ%2F8wTWaJ6%2FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
cache-control
no-cache
cf-ray
82a5889a0a089954-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
csync
sync.spotim.market/ Frame F38E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
43 B
469 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ep=482928&extuid=b7b8e429-0b74-4603-96e7-b87a68a90395
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169
/
onetag-sys.com/usync/ Frame 74CD
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame F38E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 01:10:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usermatchredir
ssum-sec.casalemedia.com/ Frame F38E
43 B
737 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V11XiUN88D1lA2FwNVtpNU%2B2y2vfMdNTcxz%2BfD758r%2FfUHtMAIl%2BuLcE%2Bajggx4RbvY2YCo3Fi9RJKibg%2FbGrPUy7%2BJx4925gfE5jefBl21GL0KzQA1278r0txFrQK%2BgQjZ9dHDIjCldJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a5889a1a139954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
csync
sync.spotim.market/ Frame 6F85
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
28b1437e-461d-496d-9d4a-34e9febedae4
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B7F1
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63916
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:38 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 6250
132 B
232 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8c1c5ce09e1cfdd6e179fa798dec9b0324b3e79f4c78ee9c43d154f50fb5a66e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame 0961
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:37 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
hbp_master_307825_11595.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame CF42
332 KB
107 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d6e6c8a1071aae65f4a9c782db1199e21f1f2eb823603bb33a850a66276e0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 01:23:37 GMT
server
nginx
etag
W/"65371c99-52ee0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbp_master_307825_11594.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 72D4
346 KB
112 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78a2b84143ee8dc53f94e2e2d77b1930e1d6b2bcbc68d803b1f66231b537a774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 01:23:37 GMT
server
nginx
etag
W/"65371c99-566c2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_307825_11600.js
p.nodserving.com/prebidlink/y19684/ Frame DAC9
123 KB
40 KB
Script
General
Full URL
https://p.nodserving.com/prebidlink/y19684/hbw_master_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/19684/j.html?i=11600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
43893511a5f10d80d0c6de28724e59a3623fadfe5c7a2343d9eb5ccdbb3da061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/prebidlink/19684/j.html?i=11600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 13:00:55 GMT
server
nginx
etag
W/"655dfb87-1eb39"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sat, 25 Nov 2023 01:10:38 GMT
csync
sync.spotim.market/ Frame 59D7
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
c1e8d2b888007907
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 59D7
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a5889a5a5b3a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:38 GMT
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame F38E
537 B
802 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:35:19 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2119
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
q1pdNbOH-Huic82vjub8bIYYBXU2SsfpNmGA2lG7lguxAUX_VrSPdw==
config
c.amazon-adsystem.com/cdn/prod/ Frame F38E
4 KB
5 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:53:39 GMT
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
8218
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
VQ7KMx-saDeRL0X2BBIA7tOBqFVJyJ4fA7acjtC3RXXbd9tdGevFeA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame F38E
23 B
356 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&pid=xEnUvkhIyoxUa&cb=0&ws=728x280&v=23.1108.2350&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1695210273163-0%22%2C%22s%22%3A%5B%22320x250%22%2C%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.219.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-219-30.bah53.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:37 GMT
via
1.1 71e2e03bef11cc0381cb2986b1b064b2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BAH53-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BNX0AvqWk7AAxlGVpDUaZ51kzZ8Aoe-Q0A2Np8UQkH4f8qSq4CQ2Sw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F38E
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 06:14:53 GMT
x-amz-cf-pop
MUC50-P2
age
68146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
CLT0pnBIdHajcY3da30vOhPhgxnqvGB5QkzsTJbij9PyU9LC1so1qw==
csync
sync.spotim.market/ Frame 6250
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:37 GMT
Server
Adtelligent
Etag
c1e8d2b888007907
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 6250
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a5889a8a733a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:38 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C38
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86771335&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-length
0
map
bcp.crwdcntrl.net/6/ Frame BE3E
60 B
336 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3821fb71b3f71bcee50d9e3875b88aeda054ffebe2d854d6df4fa91bb3678cdf

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.18.177
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame BE3E
97 B
287 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.shefinds.com&url=https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d6fc441effbdb2982f6c2173b2cc3de5bea1776bfa85cf1a0650830e6c68a4

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82a5889b88429073-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.shefinds.com&url=https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82a5889adff39073-FRA
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 01:10:38 GMT
debug
OPTIONS block
expires
Fri, 22 Nov 2024 01:10:38 GMT
server
cloudflare
hb_307825_11600.js
player.adtelligent.com/prebidlink/ex19684/ Frame DAC9
2 KB
1023 B
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19684/hbw_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bad420bc6de1fe9379cb6b2231bbf07e285c540041e25c69c5bc882d8f166ae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 13:00:55 GMT
server
nginx
etag
W/"655dfb87-603"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
user.svg
static-cdn.spot.im/production/icons/fa/solid/
336 B
765 B
Image
General
Full URL
https://static-cdn.spot.im/production/icons/fa/solid/user.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
882441b5453d61d492bd76c8101b6f83884902ee7a86741d33f94ef682e35f76

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
wxanQLIGSlIqZYG2N0o0l3JaJE0Q4N_r
date
Thu, 23 Nov 2023 00:04:02 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
3997
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
336
last-modified
Wed, 22 Jan 2020 14:59:38 GMT
server
AmazonS3
etag
"e086c24763139e41b0d4fa7ef5330336"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Tqvpsa89rS83HgV85hE0AKKHKfsSCjWmv2eB1zvR8sVMb2rnc19wyQ==
openweb-symbol-v2.svg
static-cdn.spot.im/production/icons/custom/
6 KB
3 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
a4LwvXxBiI2uL8zrMqiGV0xmsVieM496
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 08:12:03 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
61116
etag
W/"09ba69b6c3a7136d63fe98562c0114af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
wAhkRMO5-BmTxc643RWCK4jGvRFr_t5g4Yd6tGQ6KhyLnRUFo2bZ1A==
openweb-text-v2.svg
static-cdn.spot.im/production/icons/custom/
4 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.87.0/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-103.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
tIeb0BF074BwTuW6cmg0uAMaxL6ImEvW
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 10:37:13 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
52406
etag
W/"9fc6e633e804dd0fd3d6d352bac7c139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
9CLBP06OANZRsEJlsc4vvB1d8lWDJZFw8YEnJPodBc4bUK8WF087pg==
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 4B51
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 23 Nov 2023 01:25:38 GMT
tag
btloader.com/ Frame F38E
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
52 KB
18 KB
Script
General
Full URL
https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68862c1f5de50b2e8d4b7793393282ef5b872d198523bd3c741aa254bacb463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 01:09:13 GMT
server
cloudflare
age
1
etag
"654de7a8e799b1b2a17ab6da32bc527e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82a5889e6c7d368a-FRA
content-length
17869

Redirect headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=shefinds.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
82a5889e4c69368a-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame F38E
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 01:25:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame F38E
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
68508
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
iH__1PcFEfQb7XWN0pGLBZRxaSEu_pnaDStIxB6-i9_WaQMqSUUyvw==
hadron.js
cdn.hadronid.net/ Frame F38E
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&_it=amazon&partner_id=471
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
611
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82a5889baf701e5c-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame F38E
155 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
KAM9F7HCTESV6GKG
age
2972
etag
W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82a5889baa789a0f-FRA
x-amz-id-2
GKR6tYuUyN7TINNVBkpKfUR7gsIHckZ0knLzils5vKEArSmP39Z9dm9bn7rdQ4c5NbLQeyunn3P9FKq75v7MHg==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame F38E
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 23 Nov 2023 01:25:38 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame BE3E
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 23 Nov 2023 01:25:38 GMT
map
bcp.crwdcntrl.net/6/ Frame 4B51
60 B
334 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b9946dbce09bf771b0ed1b204c67730897acf83b0c7c0bd3631caaf814854ac1

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.10.45
access-control-allow-credentials
true
content-length
60
expires
0
config.json
player.adtelligent.com/exchange_rates/307824/ Frame CF42
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:26 GMT
server
nginx
etag
W/"655ded96-83b"
content-type
application/json
access-control-allow-origin
https://p.jcontentcdn.com
cache-control
max-age=86400
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 72D4
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:26 GMT
server
nginx
etag
W/"655ded96-83b"
content-type
application/json
access-control-allow-origin
https://p.annocdn.com
cache-control
max-age=86400
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame DAC9
148 B
420 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19684/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
148
tracking
ghb.adtelligent.com/adunit/ Frame DAC9
43 B
307 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11600&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=ahyp63.g2&features=16480&vpbv=N200&lifecycle_tte=389
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19684/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:38 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
471
a.ad.gt/api/v1/u/matches/ Frame BE3E
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa76122a388b4cb395fa0146880ad82c029f47f602e2e23d143f8a0f9ca28ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 01:08:14 GMT
server
cloudflare
age
144
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82a5889c49ad37da-FRA
hbp_master_307825_11600.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame DAC9
332 KB
107 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19684/hb_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d6e6c8a1071aae65f4a9c782db1199e21f1f2eb823603bb33a850a66276e0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:10:38 GMT
date
Thu, 23 Nov 2023 01:10:38 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 01:23:37 GMT
server
nginx
etag
W/"65371c99-52ee0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 4B51
190 B
464 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 23 Nov 2023 01:40:39 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
657 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.15.0/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b006688d3d0e75e29f0e9ca9604e36564ba59cc29391935901af7cd0227a65fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
x-post-id
908459
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
69e8c91c-0d7c-450e-895d-53585b4e0e45
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
x-spotim-device-uuid
be6ba606-044e-4070-9e1d-7022439f1a3c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
01231123I8PW4a.c1df7c7332736cb461dc76aaa78f4f7e0cc3d54eea79460581076060238281ba
x-request-id
1d74df8b-899d-11ee-a295-eee3cf05d063
x-guid
be6ba606-044e-4070-9e1d-7022439f1a3c
server
fasthttp
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
x-amz-cf-id
Vw9Z6GtBhywHh-WPnH7WsWKNokxPxMFFbGxF6iLP_sydSZXBbSLcDg==
state
api.btloader.com/mw/ Frame 4B51
0
39 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 4B51
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzYTcG4ZyzPsrkrzcDuAcj03LvjD8t5NP%2BqR9iSRXod4MZO%2F%2FBprtEtpcIiKYqzNdonh9PzRsb3DHKgGlmEvBTVEg6pBbNciqPCdkvjuWK%2FgHrKLmt9%2FSkpTR6Niumwp2Vu3dXS0Im41qkHCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889e3bbe365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
favicon.ico
ad.doubleclick.net/ Frame 4B51
1 KB
165 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 20:50:18 GMT
px.gif
ad-delivery.net/ Frame 4B51
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6105663335312606
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSlAaaWUfNsc1yBvRmHMJ%2F5jDEeaevqwQwpgNxEIo1DKYzAaMZmKJuB%2FMjE5ISHPlWLBYkCK0dPE5dNB%2FgLyU0oCo1Dpoxb%2Fnoe352vGRkrOo2Y%2BGoaRyIpbQK7SVyTgyFZNpbRALjXtRcxmvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889e3bbf365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
px.gif
ad-delivery.net/ Frame BE3E
43 B
344 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZb7%2B4d6t4vumWKAOsPWzF7OLngXTOruOnXlhWFWLB7P9GjWFMYmfHKUC9uz%2BCLTAHCxfjbXGjPB%2BzMhXNx%2F1eMUjJsYplM5oARjs%2BRckCy7M6cAb7q5S7RrofvFuLgXGzB%2FeMwj7M75bnx8fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889e3bbb365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
favicon.ico
ad.doubleclick.net/ Frame BE3E
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 20:50:18 GMT
state
api.btloader.com/mw/ Frame BE3E
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame BE3E
43 B
921 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6098506354563051
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PLaKJNkQLxqjjZY%2BMfoi3FVZYV03uyusKz8sXjAVdTgwLjEtV6bdixd%2FLPX6v2poB76WCQTYWlBU2WjH9DHUXrTASGjax%2B2%2BealuefvYCfzGDaIiWWweNWrovrigJLcsLz4WKH8L8oCJNyQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889e3bbd365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-46.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Thu, 23 Nov 2023 01:10:38 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
x-amz-cf-id
jN6vRFXkxHL3IGbOGLz5Hm2-tZI7YftADuFYbF6jgbrfxUzohFxM_g==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame BE3E
190 B
463 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 23 Nov 2023 01:40:39 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 4B51
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Thu, 23 Nov 2023 01:25:39 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame F38E
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 23 Nov 2023 01:25:39 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame BE3E
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Thu, 23 Nov 2023 01:25:39 GMT
map
bcp.crwdcntrl.net/6/ Frame F38E
60 B
335 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3869145c734135dd43b803529a711d2662d1c11c1bef313af5cd188c1cc40297

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.24.172
access-control-allow-credentials
true
content-length
60
expires
0
config.json
player.adtelligent.com/exchange_rates/307824/ Frame DAC9
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb

Request headers

Referer
https://p.nodserving.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Nov 2023 01:10:39 GMT
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:01:26 GMT
server
nginx
etag
W/"655ded96-83b"
content-type
application/json
access-control-allow-origin
https://p.nodserving.com
cache-control
max-age=86400
x-proxy-cache
HIT
prebid
prebid.deepintent.com/ Frame
0
0
Preflight
General
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Nov 2023 01:10:38 GMT
server
c
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
/
ghb.adtelligent.com/v2/auction/ Frame BE3E
3 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
07a38dd6b76a7afc9b1823eec0927fed373e4125febbe9fac2779b3fc74483b0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1073
cdb
bidder.criteo.com/ Frame BE3E
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=87112671753&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BE3E
0
179 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame BE3E
4 KB
3 KB
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.8
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c962b1cefd18d919e859003ad945d808ef469b0d9504b3612e72cb1d0080118f

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2466
/
ghb.app.copper6.com/v2/auction/ Frame BE3E
236 B
529 B
XHR
General
Full URL
https://ghb.app.copper6.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
298b3a852535f1d2efde755eefdf0164d703bc54f6c0ef3072cfb105a1e5e0d3

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
218
prebid
prebid.deepintent.com/ Frame BE3E
0
41 B
XHR
General
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:38 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame BE3E
0
215 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame BE3E
1 KB
1 KB
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec80f85f672f96da15a544223ba5aa6c710ce748622aec76d76220360c84c36d

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFg26mWSzjiR49qoAy6f3GezcrEMf4UunV0Jd93hhd4mq62e9Vo13rva2HgX5JV4XrcFpLfXYiwRhjakZ2%2BUv97SNQV6SQYMgeObOVE0b4mrfs7xeYSBgdcqjFVQ897jCS%2Fw4hmH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a5889f2c353648-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame BE3E
37 B
396 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b4a0160b5a8a37c4e7cd80a001208f8a92fb513bf3a2332917aee55038852e

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x9ySkqYRmkUfjral8tanIj%2FCOpgSAssyDgcyLRNKvpKK1kcrSei3CrKcJQGSvYdGQz8K%2BMUytDmRPtQSLOoA%2BvaDh3pSzdNMsMkRxU2T34cf60YnHm%2FCo%2BjFUGyjHAlu87Q598E"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a5889f2c373648-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
btlr.sharethrough.com/universal/ Frame BE3E
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame BE3E
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ Frame BE3E
0
195 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=69582664355&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ Frame BE3E
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame BE3E
0
164 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame BE3E
35 KB
14 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
472bf77b7d6b7b1e16b99b001ef20b200ccac194c6e4decfd49c050488ae69b1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
an-x-request-uuid
d26b3a55-298c-4ba1-b9cd-90bae8835a78
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame BE3E
737 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d1dbe32c51384fa179f9a4b71c915f2da7bdd318d89a1527968479b9c2946aca

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame BE3E
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ Frame BE3E
326 B
725 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9b1929e565cea2a007edfeabfc4b01a705b43d5dc9818f33eba9b3c80bae03c4

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 01:10:39 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=5143aa964e62bcd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.8514118139033902
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cc539005bf46fd579c14b0090980c2f85e17299c3f1776b890c3116275d2bbc9

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=529e7e8ebad478f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.25957753213191026
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3f0383930d0dd02a80bf5ee1aaf833166e6e8edc46a10d6f1a72b6e7cedbfac6

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
16 KB
8 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1775444&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=53023b4bbfde7b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.006621790213169332
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41b3f1c889f7cee62afb38840397e2e11f33b90f65cb95980f135040f92a9c16

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=54a0e8ea795ac2b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.8229920349219926
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c552f6d1dd8ed0e9a58c57ca1c1ea6a1f818d69fe54745504bae63495bb3650

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=55c256d0c10a408&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.4063142217240798
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e238f77901f35afd58bcf5e39a6fa4d6088c5ecb124e744b4cc84c901b815bea

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
14 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=56f17ee52781dde&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.739828232585872
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
192df54fe2ec49451a972937f38c82378b1e7e6ced29621dd00aaed9fb24d557

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BE3E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&l_pb_bid_id=57c577adecbf034&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=001e63dd-36c5-4d39-acd2-3c0aa862d352&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.17432844348141474
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
922bad42c36ff9c7b033f2662fce8892a58d54ec3b13433630b40e6e4f4195b0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame BE3E
0
112 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 23 Nov 2023 01:10:39 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame BE3E
357 B
764 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a44a174a28b0a6e653c5201486de98c026d8d95833c2e333fbd57481736523e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
14
content-length
357
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
trinity.json
apex.go.sonobi.com/ Frame BE3E
2 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226491fba7d7db48b%22%3A%22cf97f45749c8ec53ac56%7C300x250%2C336x280%2C320x250%7Cgpid%3D%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&s=78aaa386-eceb-43b2-b6c4-a427197034ba&pv=b39901ce-7c59-4eb7-8644-9dcd824fbc2b&vp=mobile&lib_name=prebid&lib_v=7.54.8&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_BbylgSbK%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22spotim.market%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be6ba606-044e-4070-9e1d-7022439f1a3c%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f3a0d2f38d685d851b145a4d96eecfc3455cb9ef002115e46bf8f7c8208cec8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-169
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
734
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame BE3E
15 B
412 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
prebid.deepintent.com/ Frame
0
0
Preflight
General
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Nov 2023 01:10:39 GMT
server
c
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4B51
0
178 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ Frame 4B51
3 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0bacad52397dddc457837f258b91e1f3380c5df8dcc26ec9e2cbf45e59ff3745

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:40 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1077
pbjs
htlb.casalemedia.com/openrtb/ Frame 4B51
1 KB
1 KB
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b0da0d27f28a2faa518904185a1749b8ced8c115edccf714fc7226f0bf6877

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRmqKUqrgw%2FWMtF7gNAN9xYbX%2BReX2kx44b4srpX8JdkbKtJVhbRa2awVaJp81gfHTrAMX46qyO4VTapyeRtxI%2B49HmS%2Bp8Q3lJYJVQY2W1h%2F8ezJ5rfkd0w1mP8dvtRlt6CED6D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a5889f7c603648-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 4B51
36 B
318 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f731d2d5d7a241d8c9dc5d90ebde4f99be1c71da804502430c18907312e2680d

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpYLMp%2BN6the3J%2BSdGkCSBr%2Fw8LWQcKsVMnRaqWK%2BWznkUO0KbxOCOG1luYt3MBX3F2qIj6iL5h%2FuJUqqoFvuIrGpQl20ynhOYRbtuuS26NGESPdR09Z75%2FcV%2BwYuXXD1MdZoYk2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a5889f7c633648-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
472 B
987 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=13a752a11839b77&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.5404308489237211
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c4e82de8cce43e044222d5bebee0e97330f4501093ed84dcb0ab929f59e45ac8

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
473 B
813 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=14eac97ebf00026&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.5023404560998195
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d52376a3bcf8675bc002b4e7f991cf9fa2fef730c41f8623a77cb4ccf3263b1c

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1775444&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=1544ed5812ed428&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.045453906703329494
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
55d35a5212c368be4727181ba049a9f587c24af4e8925e1a87dcfe2f19c6116c

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=161e79d160bb419&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.7274285783118704
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
16d320316959c464d4b0556b4b11ab001dd01f5244344b521252fef09b154a74

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=176678d079d8e88&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.43579600660103224
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
350a65b18442a1ffa0449a9bdbb9eb937c6020fb2605178e73ac1b3ead2e56a2

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
473 B
812 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=18b7c5339f881d3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.11216506786538005
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
045f1ee92ab9aa27960770472e64e754975d3a74b55a82322ab6a78dcf98056e

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B51
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=5422c670-5655-4fa2-9212-954312ec1598&l_pb_bid_id=19a2a592e63033e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5422c670-5655-4fa2-9212-954312ec1598&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.6359512591352547
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
341d12c3f0cd75cd5719a0a5ba699e9f201a9b9b3de1cce52bd134213a0bc3e4

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 4B51
0
18 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 23 Nov 2023 01:10:38 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
trinity.json
apex.go.sonobi.com/ Frame 4B51
2 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222550b4c7a9bf6f5%22%3A%22cf97f45749c8ec53ac56%7C300x250%2C336x280%2C320x250%7Cgpid%3D%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&s=cfda6998-0fbc-41a4-9639-30f843e2547f&pv=4f8ac5e4-e1d0-442a-93c7-ccf6e96fed09&vp=mobile&lib_name=prebid&lib_v=7.54.8&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_BbylgSbK%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22spotim.market%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be6ba606-044e-4070-9e1d-7022439f1a3c%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7dda73635a0b6baef16331da9c1c0e0720a2630bf932ba13c343e91c40dc26af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
733
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 4B51
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=76291137802&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ Frame 4B51
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=80721052695&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
ghb.app.copper6.com/v2/auction/ Frame 4B51
236 B
529 B
XHR
General
Full URL
https://ghb.app.copper6.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6edca8a6db0698387f2044d4dd85b6f006d641bbcb14972cd5358d6629c5c768

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
218
translator
hbopenbid.pubmatic.com/ Frame 4B51
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 4B51
0
215 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
prebid.deepintent.com/ Frame 4B51
0
232 B
XHR
General
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
prebid-request
onetag-sys.com/ Frame 4B51
15 B
412 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
prg.smartadserver.com/prebid/ Frame 4B51
1 KB
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7cd604da69fa174750d03671925fb32f2f105a3eb11437fe2620f15ed199b6e3

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 4B51
35 KB
14 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
340f9c0f06dd4157c63077dc388cbb4b08da130f2e76c6910fc4967444e6cf92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
an-x-request-uuid
67d303a5-7fe1-4311-a75c-470d3905866f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 4B51
12 KB
6 KB
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.8
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
23eb24ef77b1664d5b123463d82a89bb52d0fa077bb205611682bbc0094ea82c

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
btlr.sharethrough.com/universal/ Frame 4B51
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 4B51
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
prebid.media.net/rtb/ Frame 4B51
326 B
390 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
86919a5ce3908f8ef50e38fd9d37c9a57dd7ddc10d902fcea4d3b7d1955f786b

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 01:10:39 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4B51
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 4B51
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 4B51
357 B
763 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3505c3c14abc678d48a3e4667df2e0c350b15a66790162e68d81cf0bae5fde0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
17
content-length
357
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame F38E
190 B
463 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 23 Nov 2023 01:40:39 GMT
px.gif
ad-delivery.net/ Frame F38E
43 B
342 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmthmTrkGXFIbZdI0WH%2F%2FzApGFS%2BDvWcf1D%2Ff75oko5Vuqgc0LTGHRwmBvW%2FWwOUrPjAW2Co3bbcMzAp2rA6ENr5bLJ3QxFo9bDLc3dkRhqhYWQOgo6AaI%2BNb55Bw10yZ2WUXGzoHDuagLGSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889fcc87365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
favicon.ico
ad.doubleclick.net/ Frame F38E
1 KB
165 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 20:50:18 GMT
state
api.btloader.com/mw/ Frame F38E
0
39 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame F38E
43 B
336 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8220576814310196
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94239
x-guploader-uploadid
ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocj1fWaHpaTJ24K%2B4VsUpg4TPJBQbzmcU4X64XQSwlSD0PHf9svmeIV8CbkVqpoo2T9YvfuiyWKOCyooEDFysBMeuR%2BN9U84nnyNrBKn57fC7QzQLXNqvPel3WX5e1eiHlq7ktEDV4OhFdjWVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a5889fcc88365a-FRA
expires
Tue, 21 Nov 2023 23:44:24 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
country
api.btloader.com/ Frame BE3E
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
country
api.btloader.com/ Frame 4B51
16 B
76 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
prebid
prebid.deepintent.com/ Frame
0
0
Preflight
General
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Nov 2023 01:10:38 GMT
server
c
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 23 Nov 2023 01:10:39 GMT
translator
hbopenbid.pubmatic.com/ Frame F38E
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame F38E
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=15702055279&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
14 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=687c19ad870f11&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.6381313001894247
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c66923ec9e529b5d9c37149ac6c5b1332890e249521b72dcfe5c1dbe436d5d1d

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=7f5ebcf632612d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.20282038697520455
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
07b930a852941f8adc30abd6fd3e560455924774f6cc4371d4f6e85144721f89

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1775444&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=85e9c40596c599&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.1631714969212863
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
698ff2b16e47d4d2942f8dff699a1f1e0ac91ba814fb3dbe998114b69056447f

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=9f5be52bd93105&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.03510297221712633
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f933253b5f461d127c13675c5423bbfd8a9ac5d2bd4fb629a141767f16bb7ce

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=10423f7bd23a793&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.23193348683520276
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7d3fdf9a5291327ddee7d1cdbe8b5cd2a453cb0c2bcfa3698ebb9aace920d50c

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=11fe1d069338e85&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.5832750382594902
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1efaa7bbf3e72a3670cca2981626878532584aca96c43a29fa03d638c2b7052e

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F38E
13 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=0&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_pubcid.org=7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%5E1&eid_spotim.market=be6ba606-044e-4070-9e1d-7022439f1a3c%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&kw=chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips&tg_i.domain=shefinds.com&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&tk_flint=pbjs_lite_v7.54.8&x_source.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&l_pb_bid_id=12cb4050eec4e7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16b80d31-1fcc-4ed1-845d-4834e1b9c36d&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0&slots=1&rand=0.3950479976774075
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
488787591e825d9481747646a80d3b2e0ecf1a68675439beb2f61ffa3521b6f8

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F38E
34 KB
14 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
59682b34a53a47bcdda550d4a47f87240464ecd593b97681bee9a5228edbef0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
an-x-request-uuid
bf2478e9-8d44-439c-8c3c-72a193e087b2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ Frame F38E
326 B
346 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b88aaf47c57619eae042d8b5ef05654a5b6ee5bbd054dc0eca9c4fc23a5f15cb

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 01:10:39 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame F38E
358 B
764 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
787723bb60da6c7749ef7c1e32c542e9fba84b07dd132b3d35010d0c65930520
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
10
content-length
358
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid
ap.lijit.com/rtb/ Frame F38E
94 B
625 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.8
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
32d31229c744fc8f03a63da695b33c488756d43e2b2c0bf056998dba23b560ee

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
prebid.deepintent.com/ Frame F38E
0
18 B
XHR
General
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
/
ghb.adtelligent.com/v2/auction/ Frame F38E
2 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9e56273d5c90b208cf3534dc308bf44da3acbaf53b79864b0bde6ce0ceb86c05

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
764
v1
prg.smartadserver.com/prebid/ Frame F38E
884 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d06a11ec13300476554bbcfee505e6bd5f58baf797709418e25faf657c1a642

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F38E
0
18 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 23 Nov 2023 01:10:38 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame F38E
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame F38E
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
/
ghb.app.copper6.com/v2/auction/ Frame F38E
236 B
528 B
XHR
General
Full URL
https://ghb.app.copper6.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5fc26736b382f47752024d61ca953d665518d12cf30eab84d754e60019f82354

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
217
trinity.json
apex.go.sonobi.com/ Frame F38E
2 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250baa6cca0cd8e1%22%3A%22cf97f45749c8ec53ac56%7C320x250%2C300x250%2C336x280%2C728x90%7Cgpid%3D%2F39694909%2C22607427172%2FConversationDisplay%2FCD-SheFinds%23div-gpt-ad-1695210273163-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&s=92f9eed9-e838-4138-9716-50931991c564&pv=0d52dc53-7f0d-4a5c-a8c8-5027a12ee956&vp=mobile&lib_name=prebid&lib_v=7.54.8&us=0&iqid=null&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22chips%2Cdoritos%2Cfood%2Cfoodnews%2Cfoodrecall%2Cfoodrecalls%2Cnews%2Crecall%2Crecallnews%2Crecallnotices%2Crecalledfood%2Crecalleditem%2Crecalleditems%2Crecalledproduct%2Crecalls%2Ctortillachips%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_BbylgSbK%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227d43c5f4-7201-4ff3-aa02-e5f0d9efdf30%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22spotim.market%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be6ba606-044e-4070-9e1d-7022439f1a3c%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
42c000acc96ffeaaaa5358e898f2482b48b2c1a778ba3470a05d68ecdf122805
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-45
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
740
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame F38E
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame F38E
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame F38E
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.156.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-156-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid-request
onetag-sys.com/ Frame F38E
15 B
412 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame F38E
0
215 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
cdb
bidder.criteo.com/ Frame F38E
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.8&cb=82319248872&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ Frame F38E
3 KB
2 KB
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fcf61fec10047e1c6b04098c52ce12d99adbd367e58ff141a547d73e7787401

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hiy27S3cLgLoa%2Bp8k5FAtIdg2oX91NK875Bo6gmyrBSyOZIJbSOjxanXozWJvXyZqe2MbZJebfexupY6E7qYRggI3Hyqdth1Dm1Q24um5gVxnfjwWA%2Fl8F4Zw8gyfE%2BfezdBXbO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a588a04d3f9954-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame F38E
37 B
488 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb8931c4f15083a4e3c005fdc87e55cb05ad0b675f11c3ae0c176c5e1ea8146

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfXs6ujgaR7EZV3ILWbEhNMS5uYuhaurgyqEqN9eeK%2F7OE%2F04U331NQZ3vpoQEKYDBnXV9Gxiqm1DC%2B5iaqsc9%2BL1PCSyjr%2BXmjzvE2O0RhWSMoA7c6xJjwSoh1zKeQxStMQ4j7v"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a588a04d419954-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pv
api.btloader.com/ Frame BE3E
0
12 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=vYH8uzPSE&w=4661567486951424&o=5080945107927040&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=336x280&pageURL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fdoritos-chips-recall-undeclared-ingredients%2F&sid=lPrMrHvnh&pm=true&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame F38E
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Thu, 23 Nov 2023 01:25:39 GMT
openrtb
adx.adform.net/adx/ Frame 72D4
0
530 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.annocdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ Frame 72D4
0
34 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 23 Nov 2023 01:10:38 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://p.annocdn.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ Frame 72D4
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&cr...
293 B
707 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=86b173eb-f593-4013-ad26-5598746faf11
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e7c6bdfe1e2b15842f937a73a08b41a987c725dc0788c7e49645643de6ff37ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 01:10:39 GMT
date
Thu, 23 Nov 2023 01:10:39 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/json
access-control-allow-origin
https://p.annocdn.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
293
x-sid
AMS-928

Redirect headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.7274672052250248&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=86b173eb-f593-4013-ad26-5598746faf11
access-control-allow-origin
https://p.annocdn.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
/
ghb.adtelligent.com/v2/auction/ Frame 72D4
2 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
28b1c2aedc87388efc3f714ba2caa7908cf8e6e6fa5f3f80332edc4705d43f38

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://p.annocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
935
auction
rtb.adxpremium.services/openrtb2/ Frame 72D4
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
5443de6325c7273f8805a370e3a384327134e8c288732bc85e7064147bce9e8a

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:39 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.annocdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1868
Expires
0
cdb
bidder.criteo.com/ Frame 72D4
0
191 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.7&cb=66312375800&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.annocdn.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
rtb.adxpremium.services/openrtb2/ Frame CF42
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
05509b0c3ff2afb3ae0dd150d54cd5244a04e3764e0d18014a9506245a2e64f4

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:39 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.jcontentcdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1868
Expires
0
/
ghb.adtelligent.com/v2/auction/ Frame CF42
2 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9ba886c2761575268064b4c00f247d34c0a5d7da9bcac879350abdbcae0fb27b

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 01:10:39 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://p.jcontentcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
915
cdb
bidder.criteo.com/ Frame CF42
0
195 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.7&cb=68379441455&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.jcontentcdn.com
date
Thu, 23 Nov 2023 01:10:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx.adform.net/adx/ Frame CF42
0
532 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.jcontentcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ Frame CF42
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&f...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&c...
293 B
709 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=e7cbabb0-505b-49bb-bf90-18fbd65efb49
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e7c6bdfe1e2b15842f937a73a08b41a987c725dc0788c7e49645643de6ff37ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 01:10:39 GMT
date
Thu, 23 Nov 2023 01:10:39 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/json
access-control-allow-origin
https://p.jcontentcdn.com
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
293
x-sid
AMS-928

Redirect headers

date
Thu, 23 Nov 2023 01:10:39 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.41226961020971253&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.54.7&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=e7cbabb0-505b-49bb-bf90-18fbd65efb49
access-control-allow-origin
https://p.jcontentcdn.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
country
api.btloader.com/ Frame F38E
16 B
31 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:39 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
multitracking
ghb.spotim.market/adunit/ Frame 4B51
0
227 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Thu, 23 Nov 2023 01:10:39 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
mut
ghb.adtelligent.com/adunit/ Frame 72D4
0
224 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.annocdn.com
URL: https://p.annocdn.com/prebidlink/y19684/hbw_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.annocdn.com
Date
Thu, 23 Nov 2023 01:10:40 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
mut
ghb.adtelligent.com/adunit/ Frame CF42
0
228 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.jcontentcdn.com
URL: https://p.jcontentcdn.com/prebidlink/y19684/hbw_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.jcontentcdn.com
Date
Thu, 23 Nov 2023 01:10:40 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
multitracking
ghb.spotim.market/adunit/ Frame BE3E
0
227 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Thu, 23 Nov 2023 01:10:40 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
multitracking
ghb.spotim.market/adunit/ Frame F38E
0
227 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Thu, 23 Nov 2023 01:10:40 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame BE3E
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 01:10:41 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame 4B51
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 01:10:41 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame 72D4
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 01:10:41 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame F38E
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 01:10:41 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ Frame CF42
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 01:10:41 GMT
multitracking
ghb.spotim.market/adunit/ Frame 4B51
0
227 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/5HLlE/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Thu, 23 Nov 2023 01:10:41 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.annocdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.annocdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.annocdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
201269
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 72D4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.annocdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
  • https://mug.criteo.com/sid?cpp=jbLIwnwxeHJpT1BDMURlM0FyYWhpMW4wdXRjSEVYcDNKVi9BOFNNT1pUYjBudmk2OGk2enNNaTVodVdYZHhZQkJUTGMzMVRzTWtDUFBvdXFPZVRSWDM3Z1kwaXQrWlE3ak81WURVY25yYTB4bkMyaFZNcG44ejNyZ0hITn...
375 B
655 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=jbLIwnwxeHJpT1BDMURlM0FyYWhpMW4wdXRjSEVYcDNKVi9BOFNNT1pUYjBudmk2OGk2enNNaTVodVdYZHhZQkJUTGMzMVRzTWtDUFBvdXFPZVRSWDM3Z1kwaXQrWlE3ak81WURVY25yYTB4bkMyaFZNcG44ejNyZ0hITng0U08yUXZsMTRHMEtmQnVWSTlWWDBsNk55aHdrN0VCc2t4T0RoQ24zZHNuY0NjTVkwUUdwczBTQjBuTXlFMzJ1UWNsVytYeFV6cXgzcVk1ZytMZEZnL3FBL3ZLbFExTVZvMmlWWnhyUE5ieXkrQTIrL3gyTVpmV01DaTR0ME9TZkZsTzJobGNKfA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53cb431ede15aac99c284dc42ae448e7606e4c15068f50e3a062dc1666ef86a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.annocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
582973
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.annocdn.com
location
https://mug.criteo.com/sid?cpp=jbLIwnwxeHJpT1BDMURlM0FyYWhpMW4wdXRjSEVYcDNKVi9BOFNNT1pUYjBudmk2OGk2enNNaTVodVdYZHhZQkJUTGMzMVRzTWtDUFBvdXFPZVRSWDM3Z1kwaXQrWlE3ak81WURVY25yYTB4bkMyaFZNcG44ejNyZ0hITng0U08yUXZsMTRHMEtmQnVWSTlWWDBsNk55aHdrN0VCc2t4T0RoQ24zZHNuY0NjTVkwUUdwczBTQjBuTXlFMzJ1UWNsVytYeFV6cXgzcVk1ZytMZEZnL3FBL3ZLbFExTVZvMmlWWnhyUE5ieXkrQTIrL3gyTVpmV01DaTR0ME9TZkZsTzJobGNKfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
20103220
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 72D4
135 B
414 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.annocdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 72D4
43 B
314 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.annocdn.com
cache-control
no-cache
x-server
10.45.10.45
access-control-allow-credentials
true
content-length
43
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C38D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 4BC3
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
9d019fd7e80d10fb4d8a651c715791527636e1027510a2c91b47294d898831a4

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 01:10:42 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
/
ssc-cms.33across.com/ps/ Frame BBD9
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP012 /
Resource Hash

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
server
33XP012
x-33x-status
2000208
isyn
prebid.a-mo.net/ Frame 1088
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
csync
sync.adtelligent.com/ Frame 5C4D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extui...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
43 B
444 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 01:10:43 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
sync-all.html
adxbid.info/ Frame 78A1
7 KB
3 KB
Document
General
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a588b57cc618f1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0OuW%2BObq440Y9CLS6T0M9j9n1DFr3qn39L59nx01IpikqBnUl7mNpf6JjEOJUFFlBhbXa3KFc%2Fbcm4%2BVns9gf2qON1xamD7Bj2ak4MbJKNEMs101vXInB7yhxcLBLo%2BlgAda1tUttiC%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
s.console.adtarget.com.tr/ Frame FC1A
2 KB
1 KB
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5232::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://p.annocdn.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
980
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 0CB7
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 5CD5
9 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6401ee350fbe9fda8b1e2cbae78ce435d8c1bb1c1bfb514ec8855896211b209
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p.annocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://p.annocdn.com
cf-cache-status
DYNAMIC
cf-ray
82a588b58f77bb73-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
PugMaster
image6.pubmatic.com/AdServer/ Frame C38D
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79259669&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:41 GMT
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ Frame 72D4
33 B
273 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
efa0c9c3494c8636e078817120effd662d209825d2a1bf4ff1fe6390774231b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.annocdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.jcontentcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.jcontentcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.jcontentcdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208742
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CF42
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.jcontentcdn.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
  • https://mug.criteo.com/sid?cpp=dqpAOXxBQStVdWxqKzBHbDhpbDRQRk9aYXNoN2x1eUc3SlpJT2drMUhHUzFQbjhVTHF2UzNmQ0dqNG5mR3RkR2RvdDRVZDBNRWhETk43NEV5OUZvSld6TTcyT2VMNW8rT0ptaXlzWXJ2Rk9NNmJ3TGFTWTlOV2hQT1ZhRW...
359 B
645 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=dqpAOXxBQStVdWxqKzBHbDhpbDRQRk9aYXNoN2x1eUc3SlpJT2drMUhHUzFQbjhVTHF2UzNmQ0dqNG5mR3RkR2RvdDRVZDBNRWhETk43NEV5OUZvSld6TTcyT2VMNW8rT0ptaXlzWXJ2Rk9NNmJ3TGFTWTlOV2hQT1ZhRWw0dVR2aC84OGFxbGk4eVZrUXdpYlNZQWZXTC8xN0ttN1d3WWlJT1dML25rOEtTajhMR3ZHQmtCT3ZIWTJsZEVKcmpGWjhyZ0QxZ2Q2dFQ5MTRVMEhxa3F1ZjYwVlNHbWMzS1pLT2VVQ0swM2o1bFZHT0lMS3Bvb0ZsOWpWendmdzIzR3NaRGFSfA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dd328e7e0c393ce35d104bff533a55bd63990581b649c3135244c7c07f9201d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.jcontentcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
476624
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.jcontentcdn.com
location
https://mug.criteo.com/sid?cpp=dqpAOXxBQStVdWxqKzBHbDhpbDRQRk9aYXNoN2x1eUc3SlpJT2drMUhHUzFQbjhVTHF2UzNmQ0dqNG5mR3RkR2RvdDRVZDBNRWhETk43NEV5OUZvSld6TTcyT2VMNW8rT0ptaXlzWXJ2Rk9NNmJ3TGFTWTlOV2hQT1ZhRWw0dVR2aC84OGFxbGk4eVZrUXdpYlNZQWZXTC8xN0ttN1d3WWlJT1dML25rOEtTajhMR3ZHQmtCT3ZIWTJsZEVKcmpGWjhyZ0QxZ2Q2dFQ5MTRVMEhxa3F1ZjYwVlNHbWMzS1pLT2VVQ0swM2o1bFZHT0lMS3Bvb0ZsOWpWendmdzIzR3NaRGFSfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
266187
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame CF42
135 B
417 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.jcontentcdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame CF42
43 B
318 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.jcontentcdn.com
cache-control
no-cache
x-server
10.45.31.230
access-control-allow-credentials
true
content-length
43
expires
0
/
spl.zeotap.com/ Frame 36B1
9 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3ac75222b5a988398196142ff6e3f3952334c71225a9f5f95d94a988718cc5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://p.jcontentcdn.com
cf-cache-status
DYNAMIC
cf-ray
82a588b59f8abb73-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
/
ads.us.e-planning.net/uspd/1/ Frame BB8E
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
9d019fd7e80d10fb4d8a651c715791527636e1027510a2c91b47294d898831a4

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 01:10:42 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
/
onetag-sys.com/usync/ Frame 7C4E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76D3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
s.console.adtarget.com.tr/ Frame 2C91
2 KB
1 KB
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5232::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://p.jcontentcdn.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
980
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync-all.html
adxbid.info/ Frame 9531
7 KB
3 KB
Document
General
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a588b5cd0218f1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmwkalx9IMcoAuTYwL7zEflGmehuBMhoglMh%2BE5RcIMUau1OqjQBYIqWmBwjas97e515o4UzsaUxdr8quaWzpMVOzrUu%2FXZYkp8GsVkqvIa3did1L%2BZLwbZxiYeNFGeOZ1W7KZomOyB%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
ssc-cms.33across.com/ps/ Frame B652
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
server
33XP013
x-33x-status
2000208
csync
sync.adtelligent.com/ Frame F29C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extui...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
43 B
444 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.jcontentcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 01:10:43 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
pbs.gif
sync.admanmedia.com/ Frame 4BC3
60 B
60 B
Image
General
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 4BC3
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 21 Nov 2028 01:10:42 GMT
um
u-ams03.e-planning.net/ Frame 4BC3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dabf742fe032a068b%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
an-x-request-uuid
ef57a8ab-d456-4baf-8b1a-28e4639ebda4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 4BC3
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dabf742fe032a068b%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 4BC3
0
34 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.167.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-167-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
us
sync.go.sonobi.com/ Frame 4BC3
0
399 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 4BC3
43 B
58 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dabf742fe032a068b%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 4BC3
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
0
0
Image
General
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
date
Thu, 23 Nov 2023 01:10:43 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 4BC3
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
692.json
id5-sync.com/g/v2/ Frame 72D4
251 B
530 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
45f923caa6e7ba7da3907cf387922e1c992acb8b0f9df52a700d928e62c08426
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.annocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.annocdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
getuid
ib.adnxs.com/ Frame 5CD5
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 5CD5
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7e92fbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 5CD5
0
453 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5CD5
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 5CD5
0
64 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230021-FRA
server
nginx
x-timer
S1700701843.130861,VS0,VE9
x-fastly-to-nlb-rtt
7594
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 5CD5
0
460 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
X-Fw-Request-Id
umeb608_1700701843711318358
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5CD5
0
163 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 5CD5
0
0

mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=34e68461-c02d-4ac1-6351-b3057e58c27c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=34e68461-c02d-4ac1-6351-b3057e58c27c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b88993bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-2-v054-09a33b2f9.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
faDVVxNnSDc=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 5CD5
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 5CD5
0
0

mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7304458795934742686&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7304458795934742686&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8395dbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7304458795934742686&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 5CD5
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=34e68461-c02d-4ac1-6351-b3057e58c27c
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b88998bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
via
1.1 google
last-modified
Thu, 23 Nov 2023 01:10:43 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 5CD5
0
15 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=34e68461-c02d-4ac1-6351-b3057e58c27c&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=34e68461-c02d-4ac1-6351-b3057e58c27c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7a90abb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
cache-control
no-cache
x-server
10.45.18.177
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8c9ecbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nyn8YlUhiwYx35wBTEG6M1deXtyQ40iP%2BS41iYitP1U%3D
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nyn8YlUhiwYx35wBTEG6M1deXtyQ40iP%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8fa25bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nyn8YlUhiwYx35wBTEG6M1deXtyQ40iP%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 5CD5
42 B
103 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 5CD5
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1700701843
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 5CD5
0
65 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABp5d5_ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-302...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABp5d5_ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b9eab4bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700701843.410726,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABp5d5_ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 5CD5
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc0...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n020-dub-prod.krxd.net
date
Thu, 23 Nov 2023 01:10:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1700701844
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
date
Thu, 23 Nov 2023 01:10:44 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5CD5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-635...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-635...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3ZHMX63N0E8PMRRX835Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C2CZC0BVQ740G6HGYX05
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 5CD5
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
95 B
234 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8ea1abb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
date
Thu, 23 Nov 2023 01:10:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58...
  • https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b93a41bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 5CD5
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D34e68461-c02d-4ac1-6351-b3057e58c27c%26reqId%3D0057727f-55eb-4a58-7f48-30215bc02a42%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 5CD5
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8ea19bb73-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 5CD5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=nntX-cl4W6-FewCozChPrJArA6yFKlGokSj7JBqL&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=nntX-cl4W6-FewCozChPrJArA6yFKlGokSj7JBqL&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b92a39bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=nntX-cl4W6-FewCozChPrJArA6yFKlGokSj7JBqL&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=34e68461-c02d-4ac1-6351-b3057e58c27c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 5CD5
557 B
471 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9d1ad0738b997a76c13bbe3ea378b130a01439e5c7a02bada840eff6a72206
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b6982dbb73-FRA
access-control-allow-headers
*
pbs.gif
sync.admanmedia.com/ Frame BB8E
60 B
60 B
Image
General
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame BB8E
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 21 Nov 2028 01:10:42 GMT
um
u-ams03.e-planning.net/ Frame BB8E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dabf742fe032a068b%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
1ef7bf51-9597-4e65-ae83-60465a31099c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=abf742fe032a068b&uid=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame BB8E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dabf742fe032a068b%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=abf742fe032a068b&uid=ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame BB8E
0
35 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.167.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-167-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
us
sync.go.sonobi.com/ Frame BB8E
0
398 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame BB8E
43 B
58 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dabf742fe032a068b%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame BB8E
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
0
0
Image
General
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
date
Thu, 23 Nov 2023 01:10:43 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame BB8E
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4470
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 57D3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 01:10:42 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 2718
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5735c5584b89a0e8d18661ed358ef81df4ee0fc54b318ae5f01f008352c7866e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82a588b60a8c3648-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j99pHjrc0jgty5ledyxUcFpGMg%2BPK2BYtv6dwtL5885go19z9R3aJbge1OlNrMhvUutr%2FjMt5BAQnXIth%2B8PI0P0xXLP%2F1r%2B9nko6rFZd2ICjppw%2FASK%2BkDp7LoaTk3LfDpOi%2FZG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 105C
1 KB
1000 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
35110
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 29 Oct 2028 20:46:09 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
8de122440218422afb6b4b72fd24a139
x-cf-tsc
1698820281
x-cf1
29080:fL.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame C9BD
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 86B8
760 B
813 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22af0f8a7ea5cd96f9cecf33dfdb62fe27a01c293c056d7cd7fcbcb78c2ef77
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
82a588b5ffcfbb73-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
setuid
rtb.adxpremium.services/ Frame 78A1
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
0
556 B
Image
General
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuid
ib.adnxs.com/ Frame 36B1
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 36B1
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8395fbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=1bb45432-b713-49ca-bcf3-cd45d8ced1ed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 36B1
0
454 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 36B1
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 36B1
0
203 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230021-FRA
server
nginx
x-timer
S1700701843.130963,VS0,VE8
x-fastly-to-nlb-rtt
7446
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 36B1
0
460 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
X-Fw-Request-Id
ume4d21_1700701843011690063
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 36B1
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 01:10:41 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 36B1
0
0

mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f9341ab5-dafc-42da-578f-2a3b998f439b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f9341ab5-dafc-42da-578f-2a3b998f439b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8798fbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-2-v054-0100d45a8.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
bFARRHYLSe8=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=89178084910842692320780975693316685674&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 36B1
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 36B1
0
0

mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7304458795934808222&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7304458795934808222&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8395ebb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7304458795934808222&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 36B1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f9341ab5-dafc-42da-578f-2a3b998f439b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4e...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8899bbb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
via
1.1 google
last-modified
Thu, 23 Nov 2023 01:10:43 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=2/mHne8OrRuA/3Tgr3n9Ye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 36B1
0
84 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f9341ab5-dafc-42da-578f-2a3b998f439b&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f9341ab5-dafc-42da-578f-2a3b998f439b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7e932bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
cache-control
no-cache
x-server
10.45.11.76
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
95 B
249 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8c9eabb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-VM8QtcRE2opZUJWb6jhA8TMysVwlx8HOew--~A&zpartnerid=570&env=mWeb
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A4QziKzB3g8x35wBTEG6M5nUoEb1sauu%2BS41iYitP1U%3D
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A4QziKzB3g8x35wBTEG6M5nUoEb1sauu%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8fa26bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=A4QziKzB3g8x35wBTEG6M5nUoEb1sauu%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 36B1
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 36B1
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=58 t=1700701843
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 36B1
0
64 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:34 GMT
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABoVliuwAM&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a62...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABoVliuwAM&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b9fab9bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700701843.419646,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZV6mkwABoVliuwAM&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 36B1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Thu, 23 Nov 2023 01:10:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1700701844
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
date
Thu, 23 Nov 2023 01:10:44 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 36B1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
69A3AZRY8S1W8F3HEWGR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7M2P3ZTBQJH9E124SKWV
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 36B1
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df93...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8da11bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
date
Thu, 23 Nov 2023 01:10:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f...
  • https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b93a42bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LPAHYPSY-5-6VYI&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 36B1
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df9341ab5-dafc-42da-578f-2a3b998f439b%26reqId%3D54db2aaa-ee6d-4ea8-41dc-a625b438f448%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 36B1
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8ea17bb73-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 36B1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=tcN3X-LAewmuwyAO5s5vWbuTcAyuwiBb5ZNZ-s_m&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42d...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=tcN3X-LAewmuwyAO5s5vWbuTcAyuwiBb5ZNZ-s_m&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b92a3abb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=tcN3X-LAewmuwyAO5s5vWbuTcAyuwiBb5ZNZ-s_m&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=f9341ab5-dafc-42da-578f-2a3b998f439b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 36B1
557 B
440 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767f83c8162751a1fd59814cd37e3259b463e57a94e8c53dfa42272080a7b85a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b728c0bb73-FRA
access-control-allow-headers
*
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=dqpAOXxBQStVdWxqKzBHbDhpbDRQRk9aYXNoN2x1eUc3SlpJT2drMUhHUzFQbjhVTHF2UzNmQ0dqNG5mR3RkR2RvdDRVZDBNRWhETk43NEV5OUZvSld6TTcyT2VMNW8rT0ptaXlzWXJ2Rk9NNmJ3TGFTWTlOV2hQT1ZhRWw0dVR2aC84OGFxbGk4eVZrUXdpYlNZQWZXTC8xN0ttN1d3WWlJT1dML25rOEtTajhMR3ZHQmtCT3ZIWTJsZEVKcmpGWjhyZ0QxZ2Q2dFQ5MTRVMEhxa3F1ZjYwVlNHbWMzS1pLT2VVQ0swM2o1bFZHT0lMS3Bvb0ZsOWpWendmdzIzR3NaRGFSfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
169249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
166764
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame BE3E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
  • https://mug.criteo.com/sid?cpp=bxiFWnx3TENieGFrTjk0NWFPaG02OHl0N3VXZThVdmFKQXpzOCtnZzJ2T2o0SlU1MVRub3JqdW5MNlpVeHk3NTVDWjlqY2wrazhUcDhTbWsyQ3lSUm1lMWhXa09ZYmQ4eHVsZlJoQW9UckhCZUxWbkFJMHRTNGlHT3o5Rn...
360 B
648 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=bxiFWnx3TENieGFrTjk0NWFPaG02OHl0N3VXZThVdmFKQXpzOCtnZzJ2T2o0SlU1MVRub3JqdW5MNlpVeHk3NTVDWjlqY2wrazhUcDhTbWsyQ3lSUm1lMWhXa09ZYmQ4eHVsZlJoQW9UckhCZUxWbkFJMHRTNGlHT3o5RnZmZFpFSmgvbVBYZzJ0QWZvOEk2VGFOaHFzd1VBWWN2NDQ1MW1mVElmQ2hQMk00aEJibVUyZHhzWEhCYUpHcnZzQzl4SGFacjR6eEtDMmhaTXFOODhBMjhscFFvcFNtWDQ2MEVjQUoxbmR2a3dNSmlLU1RVPXw&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dfc6371ec0b0c5c350d61bb8f0e37ababa58c5b73ae4217f6f018a7d0f3350b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
388095
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=bxiFWnx3TENieGFrTjk0NWFPaG02OHl0N3VXZThVdmFKQXpzOCtnZzJ2T2o0SlU1MVRub3JqdW5MNlpVeHk3NTVDWjlqY2wrazhUcDhTbWsyQ3lSUm1lMWhXa09ZYmQ4eHVsZlJoQW9UckhCZUxWbkFJMHRTNGlHT3o5RnZmZFpFSmgvbVBYZzJ0QWZvOEk2VGFOaHFzd1VBWWN2NDQ1MW1mVElmQ2hQMk00aEJibVUyZHhzWEhCYUpHcnZzQzl4SGFacjR6eEtDMmhaTXFOODhBMjhscFFvcFNtWDQ2MEVjQUoxbmR2a3dNSmlLU1RVPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
280928
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame BE3E
135 B
416 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame BE3E
43 B
318 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.24.172
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame BE3E
63 B
423 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4d8de01ad29f8d43c9a8639d185fe4dacc10fdde514e6898b43944e0617960d9

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 01:10:43 GMT
syncpixel.html
cdn.deepintent.com/ Frame 4B1D
2 KB
2 KB
Document
General
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Thu, 23 Nov 2023 00:44:23 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ABPtcPr6CFeEO6ZHxga4BWaKFqOAq218PRJPCRftzAybOYXBWJLq6dMPvQNTxUdMHXhHonmbnHg
usync.html
eus.rubiconproject.com/ Frame 1DB2
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5315
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4A75
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
csync
sync.spotim.market/ Frame 7D58
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
43 B
457 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
X-Sovrn-Pod
ad_ap3ams1
ixmatch.html
js-sec.indexww.com/um/ Frame E832
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
310
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82a588b76bf5bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 05:10:43 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 70F8
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3ECE
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"623de86a-cf34"
Expires
Fri, 24 Nov 2023 01:10:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame E3CD
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
csync
sync.spotim.market/ Frame CCE2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
406c01e6-8b8f-43ee-8d95-d8d3713c5327
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
checksync.php
contextual.media.net/ Frame 5E02
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78edd19a5f2a3cbb51e5a1f3df7b5babfde5fb3bc80326a03dc8b2d18af828c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8052
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Sat, 25 Nov 2023 01:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
onetag-sys.com/usync/ Frame 26A9
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1700701839434&gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 9C5E
148 B
244 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
951b7d63c67a14bf5fb41581a8515353f456724c9eca4aaea220315c913a07af

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 2DC7
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 218F
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
rtb-csync.smartadserver.com/redir/ Frame BE3E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304458795933497502&gdpr=0&gdpr_consent=
43 B
330 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304458795933497502&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7304458795933497502&gdpr=0&gdpr_consent=
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame BE3E
0
0
Image
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.228.164.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

us.gif
sync.go.sonobi.com/ Frame BE3E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Date
Thu, 23 Nov 2023 01:10:43 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
usg.gif
sync.go.sonobi.com/ Frame BE3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1&google_tc=
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMj_GjxF9tgBc0XQUeqfx2Y&google_cver=1
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMj_GjxF9tgBc0XQUeqfx2Y&google_cver=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMj_GjxF9tgBc0XQUeqfx2Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame BE3E
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame BE3E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
an-x-request-uuid
43763238-7bf2-441d-bfaa-e20f5e99fd13
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame BE3E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ad232de9-bca9-4b3c-a88d-fe0ff745e545&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N0pKZzZQbXV4WHFJTXg4bXlwVlMyQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
49 B
486 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ Frame BE3E
47 B
47 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9VWM5FVN8WXDAJA1VR48
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
ecm3
aax-eu.amazon-adsystem.com/ Frame BE3E
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

us.gif
sync.go.sonobi.com/ Frame BE3E
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame BE3E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi&tc=1
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi&tc=1
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT, Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
9.gif
id5-sync.com/i/102/ Frame BE3E
43 B
920 B
Image
General
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/universal/ Frame BE3E
0
34 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.167.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-167-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BE3E
0
0
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

demconf.jpg
dpm.demdex.net/ Frame BE3E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Protocol
H2
Server
52.18.28.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-28-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-02a370a0b.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Rd01aMYjRb0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0de8db4a5.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
j4mqbFCBRKs=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
x.bidswitch.net/ Frame BE3E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&google_hm=YTE4Nzk5Y2ItNWY1OS00MGZjLWJkM2YtMTU4M2ZlODdjN2Iw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Protocol
H2
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1sync.zemanta.com/usersync/smart/ Frame BE3E
0
64 B
Image
General
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame CF42
33 B
276 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3f8b1b7a3b3c9d91b1e862ee5df97d391711977d35553da1e6734b29fbe6f665
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.jcontentcdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9874
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 99C9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame E0CA
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79cf4a407dc82dc566f601ae4a95ea1b6bc05a7ca61da29a8323faf215210e14

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82a588b699e59954-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjCAKn6%2Bi1pR8qpJQJOPt10w8OIoA1fRtXyCR9%2BAsvggGtHp6jUPFFjSKtSZQKQmYKx%2BtWf8KU700ui4wAL38g1cbkhCwvQzkIE7C%2FbUwv1I2Mv%2F8NwbOhHZe4L5c%2FEAmNg9fLfC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 8345
1 KB
1000 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
35110
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 29 Oct 2028 20:46:09 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
3ffc1a1a87b2d1d9b475b2b0c2cbf38c
x-cf-tsc
1698820281
x-cf1
29080:fL.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 0443
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame F0F2
760 B
797 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8d4b7c4cc6755eae89612ba8b0807c2461d2070e88035c69ffe64681e8a446
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
82a588b728bebb73-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=jbLIwnwxeHJpT1BDMURlM0FyYWhpMW4wdXRjSEVYcDNKVi9BOFNNT1pUYjBudmk2OGk2enNNaTVodVdYZHhZQkJUTGMzMVRzTWtDUFBvdXFPZVRSWDM3Z1kwaXQrWlE3ak81WURVY25yYTB4bkMyaFZNcG44ejNyZ0hITng0U08yUXZsMTRHMEtmQnVWSTlWWDBsNk55aHdrN0VCc2t4T0RoQ24zZHNuY0NjTVkwUUdwczBTQjBuTXlFMzJ1UWNsVytYeFV6cXgzcVk1ZytMZEZnL3FBL3ZLbFExTVZvMmlWWnhyUE5ieXkrQTIrL3gyTVpmV01DaTR0ME9TZkZsTzJobGNKfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
174906
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
mw
mwzeom.zeotap.com/ Frame 86B8
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df93...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b83961bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
date
Thu, 23 Nov 2023 01:10:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 86B8
95 B
165 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7a908bb73-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 86B8
557 B
416 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157318bacbdde43ab90574cdedfaf4d56ea93ef4f6d5051872114b90066474ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7a909bb73-FRA
access-control-allow-headers
*
501709.gif
idsync.rlcdn.com/ Frame 2718
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b0228b5be9b6460fa731189bdbe24492
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b0228b5b-e9b6-460f-a731-189bdbe24492
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8ea40670-ef46-4fa7-9d4a-2d08a9f8...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329716308519&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8ea40670-ef46-4fa7-9d...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&_=1700701844.203331
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&_=1700701844.203331
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 23 Nov 2023 01:10:44 GMT
via
1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
MUC50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&_=1700701844.203331
content-length
443
x-amz-cf-id
L9lqRvPq9ChuNrKc00SI9MZOkPnNqjbkQ9jQzSyZUnkQaX2ca9A59g==
casale
match.adsrvr.org/track/cmf/ Frame 2718
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 2718
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV6mjkoPYbSZosfd0TjSlQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf98GDj1-20BLiAgIcGUY4&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf98GDj1-20BLiAgIcGUY4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylvFGi8rn2%2BouuTUnzOSFR8q9WhByVDdBrjLqG80dqrAYNiru3CW%2FVKsYQXvNJ2I3p5ikMnGJIWQLh2Vn0r%2FdpbqWWD6sQuYEjOUYfcZteUZM8AdsqQ%2F2vzcTXLEUaBOwbIcPBR7jVgpsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b86ac29954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf98GDj1-20BLiAgIcGUY4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNNLbgg6zG1JlwC2x6gH7Q&google_cver=1
43 B
733 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNNLbgg6zG1JlwC2x6gH7Q&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLNTnjWTihNG0RzFtLlKLNz6a2h94KZ4etZS91exlRfIdUQRunFxwuMtY0h3jrh%2BJihTFqNQpEdT7YhqzTlU1CGY4O%2FK0dmlhC%2FPgAc1osjeLneaBjiISZRPqGnCm2jEhOXjbadHw5y%2BSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b7fa919954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHNNLbgg6zG1JlwC2x6gH7Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 2718
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2718
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=855584585918&us_privacy=1---
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=855584585918&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wulI11LZgZV5kvpxiiTfqRGhyJ1SOhJ7IhsD7ngQ1Pw%2BwJJvZdQvsQUp4fyoagnz1ekpsS25KWmBbC6HIuV%2BO7LNquGS55BIOcMLC9Nih0Sdskii8Y39J9I%2Fbz82DNIwLF3vwhsH8iekiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b85ac09954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=855584585918&us_privacy=1---
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 2718
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3684:ac58:ec44:5836 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2718
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame 2718
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=abf742fe032a068b&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif
csync
sync.spotim.market/ Frame 9C5E
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 9C5E
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a588b75de63a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:43 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
197501
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame F38E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
  • https://mug.criteo.com/sid?cpp=1egP9nwwdGJhZWdtenJTRDBFdjVyUmtIRXREb2dwanZtL3RObFNZV3pDWG5tMVVwL29pQ1R4Nkd6b3FDSlhENitjL3Y0ZC83cHFidWZpeUN1R0RKOUJEZitlSnFnWUU2TjVPTXBrbU1VRDlMa0VoVUlqL3pNcDU5dmY3en...
348 B
652 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=1egP9nwwdGJhZWdtenJTRDBFdjVyUmtIRXREb2dwanZtL3RObFNZV3pDWG5tMVVwL29pQ1R4Nkd6b3FDSlhENitjL3Y0ZC83cHFidWZpeUN1R0RKOUJEZitlSnFnWUU2TjVPTXBrbU1VRDlMa0VoVUlqL3pNcDU5dmY3enhFNnNvUUo0dE9qbE11M2kyclNJcC9CcFdCdHAzbVU1ZlFJNUJCdFZsbFVURk1MQzZlZnVaV3g5a2J0d1IxQS9ld3hIYlVwMFE2TllkbzgrakVXRlNWdlZiRmg2ZEcrelNadFFCd2MzQStlUHFLQ0s4OVUzMVkrc0p1YWdaZE8rVU56L05IZlpBfA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
890ca49a0f6c23602c5c7ab839c3965ed54329f638ea58f41e569e0c84bca09d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
386446
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=1egP9nwwdGJhZWdtenJTRDBFdjVyUmtIRXREb2dwanZtL3RObFNZV3pDWG5tMVVwL29pQ1R4Nkd6b3FDSlhENitjL3Y0ZC83cHFidWZpeUN1R0RKOUJEZitlSnFnWUU2TjVPTXBrbU1VRDlMa0VoVUlqL3pNcDU5dmY3enhFNnNvUUo0dE9qbE11M2kyclNJcC9CcFdCdHAzbVU1ZlFJNUJCdFZsbFVURk1MQzZlZnVaV3g5a2J0d1IxQS9ld3hIYlVwMFE2TllkbzgrakVXRlNWdlZiRmg2ZEcrelNadFFCd2MzQStlUHFLQ0s4OVUzMVkrc0p1YWdaZE8rVU56L05IZlpBfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
240713
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame F38E
135 B
416 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame F38E
43 B
317 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.7.50
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame F38E
63 B
422 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4d8de01ad29f8d43c9a8639d185fe4dacc10fdde514e6898b43944e0617960d9

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 01:10:43 GMT
track
track1.aniview.com/ Frame 91A5
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc_dd&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.143&apppkg=&fv=3&proto=https&clsid=dff1091c-ad04-4a80-b7ee-3b6e5265284d&rando=92
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
isyn
prebid.a-mo.net/ Frame 5E43
148 B
244 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
951b7d63c67a14bf5fb41581a8515353f456724c9eca4aaea220315c913a07af

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
ixmatch.html
js-sec.indexww.com/um/ Frame 6D1E
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
310
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82a588b76bf6bbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 05:10:43 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 9921
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
11d7ab49-8223-416c-bfce-2ff1db8e9ff4
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
isyn
prebid.a-mo.net/ Frame 3DC4
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 97C4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 8CFF
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78edd19a5f2a3cbb51e5a1f3df7b5babfde5fb3bc80326a03dc8b2d18af828c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8052
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Sat, 25 Nov 2023 01:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame A705
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"623de86a-cf34"
Expires
Fri, 24 Nov 2023 01:10:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame 9CE0
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame CFDC
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
syncpixel.html
cdn.deepintent.com/ Frame E407
2 KB
3 KB
Document
General
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Thu, 23 Nov 2023 00:44:23 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ABPtcPr6CFeEO6ZHxga4BWaKFqOAq218PRJPCRftzAybOYXBWJLq6dMPvQNTxUdMHXhHonmbnHg
beacon
ap.lijit.com/ Frame B7DC
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 23 Nov 2023 01:10:43 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
csync
sync.spotim.market/ Frame 916D
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
43 B
457 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:43 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
X-Sovrn-Pod
ad_ap3ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B9D0
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 7833
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1700701839458&gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 14B5
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame F38E
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame F38E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Protocol
H2
Server
52.18.28.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-28-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
RjjxxvvBQYo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-097c24447.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
uggvouRyREg=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ad232de9-bca9-4b3c-a88d-fe0ff745e545
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
rtset
bh.contextweb.com/bh/ Frame F38E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ad232de9-bca9-4b3c-a88d-fe0ff745e545&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=djdhb2VrcU8zVTAyVmh4bGpTbEU4Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
49 B
486 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame F38E
0
0
Image
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.228.164.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

us.gif
sync.go.sonobi.com/ Frame F38E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
dad3cc6e-be77-4b53-85a7-f1d42dffc8f0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame F38E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=YWQyMzJkZTktYmNhOS00YjNjLWE4OGQtZmUwZmY3NDVlNTQ1&google_tc=
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
49 B
442 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame F38E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&google_hm=YTE4Nzk5Y2ItNWY1OS00MGZjLWJkM2YtMTU4M2ZlODdjN2Iw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Protocol
H2
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDr2vgjxM66l4Gw732MVXMw&google_cver=1&ssp=sonobi&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/ Frame F38E
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

us.gif
sync.go.sonobi.com/ Frame F38E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Date
Thu, 23 Nov 2023 01:10:43 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/ Frame F38E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT, Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ Frame F38E
47 B
47 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZTYCQ663EWPD9KZWSSQK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
us.gif
sync.go.sonobi.com/ Frame F38E
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatch
ssum-sec.casalemedia.com/ Frame F38E
0
0
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

/
s.ad.smaato.net/c/ Frame F38E
0
242 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:33 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
10
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
pW8HJjkHA-uM56M7-VALmQ2l9gxdFjsLTUr0kAAbt4h00jvT4VaRng==
/
rtb-csync.smartadserver.com/redir/ Frame F38E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV6mkwABqHbi3QBH&gdpr=0&gdpr_consent=&_test=ZV6mkwABqHbi3QBH
43 B
350 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV6mkwABqHbi3QBH&gdpr=0&gdpr_consent=&_test=ZV6mkwABqHbi3QBH
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700701843.444682,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV6mkwABqHbi3QBH&gdpr=0&gdpr_consent=&_test=ZV6mkwABqHbi3QBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame F38E
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
redir
rtb-csync.smartadserver.com/ Frame F38E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACdYk7KvU0AABK9vc6yJA&partnerid=127&gdpr=0
43 B
357 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AACdYk7KvU0AABK9vc6yJA&partnerid=127&gdpr=0
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AACdYk7KvU0AABK9vc6yJA&partnerid=127&gdpr=0
Date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
rtb.adxpremium.services/ Frame 9531
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
0
556 B
Image
General
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3522532217855601334478
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
track
track1.aniview.com/ Frame 0FF1
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.143&apppkg=&fv=3&proto=https&clsid=d82a2067-1738-4e09-85ee-f8575934c503&rando=13
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4BC3
59 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 08:43:52 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
59212
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
XZtaxsP_hXkaXvOxIZDaJMfAyd8K_Y029iSZDyf1je9u6untspMPXw==
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame BB8E
59 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 08:43:52 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
59212
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7Q_hMpQ4q_YrNc-AYRYW0RMn6GqwYgwcS41dLWUyO4G3MfBNm9d0og==
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=bxiFWnx3TENieGFrTjk0NWFPaG02OHl0N3VXZThVdmFKQXpzOCtnZzJ2T2o0SlU1MVRub3JqdW5MNlpVeHk3NTVDWjlqY2wrazhUcDhTbWsyQ3lSUm1lMWhXa09ZYmQ4eHVsZlJoQW9UckhCZUxWbkFJMHRTNGlHT3o5RnZmZFpFSmgvbVBYZzJ0QWZvOEk2VGFOaHFzd1VBWWN2NDQ1MW1mVElmQ2hQMk00aEJibVUyZHhzWEhCYUpHcnZzQzl4SGFacjR6eEtDMmhaTXFOODhBMjhscFFvcFNtWDQ2MEVjQUoxbmR2a3dNSmlLU1RVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
169919
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
692.json
id5-sync.com/g/v2/ Frame CF42
251 B
533 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11595.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
854f4f20f25474591f4c4400518b7a65b0c99d7e570bd23cc1a9705a3e560a49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.jcontentcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.jcontentcdn.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
501709.gif
idsync.rlcdn.com/ Frame E0CA
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV6mjkoPYbSZosfd0TjSlQAA%263249&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d34167401ddd484f81c4c7646e157d0c
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d3416740-1ddd-484f-81c4-c7646e157d0c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da610202f-416f-4b94-a789-ad8a4c33...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329716308519&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da610202f-416f-4b94-a7...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&_=1700701844.067758
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&_=1700701844.067758
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 23 Nov 2023 01:10:44 GMT
via
1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
MUC50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&_=1700701844.067758
content-length
443
x-amz-cf-id
gOzi03SC5GyPaXQ8RMR8yww6fyHgNbKxrYhlqf3BasTsbd2Pa_CXPw==
ie
match.prod.bidr.io/cookie-sync/ Frame E0CA
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.78.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-78-43.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame E0CA
43 B
652 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700701843338000-523
crum
dsum-sec.casalemedia.com/ Frame E0CA
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1716426643&external_user_id=eb31808a-d0da-4d47-8289-ed3f58437407
43 B
740 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1716426643&external_user_id=eb31808a-d0da-4d47-8289-ed3f58437407
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ouxn3uz3fnLAnhuK%2FmdlIeGtRfK57j8VCA%2B6uDy2dxi2Zk%2FJmQQZTZ5CIlcM%2Bhxo%2FyixP7zGHd4583Ad%2F%2FnXzapuaecx%2B59HISsMY6DU7QZPydaP4yalQbwRAtw85CUGRywm%2Bbgy03MRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b95b3e9954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1716426643&external_user_id=eb31808a-d0da-4d47-8289-ed3f58437407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
usermatchredir
ssum-sec.casalemedia.com/ Frame E0CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFTDaywyF0bUzoZsq1RWuR4&google_cver=1
43 B
740 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFTDaywyF0bUzoZsq1RWuR4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EupAi%2BilGYJDmgG%2F%2B%2BPX8exV0XOg0cpPstaZHI51VYLf6T5n4mpZXvGVKygwgJUE%2B6Y4YaSamHvLt2pns51tmBm%2B4YUZElucWBrvyuCcMweAwQff87qJmmNaX28B%2Fj3zB%2F9DfyrsYj%2BYgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b86ac79954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFTDaywyF0bUzoZsq1RWuR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E0CA
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame E0CA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8360122921520775269
43 B
738 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8360122921520775269
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BX7e5IblPRPGeMSVL2NlkJ8OozKgTkrPAxSaK1JCddLxz0FYD3yjquSiFQ5fMziqc4OTCZRSw%2B%2BfZMMThxo2i2EO7FhLCead29H%2FBIx7Fk8%2B1Pfh%2FFGqB2KQ4gVrCV3Gw0rHM6ft5DN%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b86ac49954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8360122921520775269
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame E0CA
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=86bc1113-1113-4eb3-b372-9eb8000d3cd8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
475 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=86bc1113-1113-4eb3-b372-9eb8000d3cd8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPJbJE4op6lMsWNiSgKEk5FA1iV%2F8h8CugnSROOylUunYIR%2BNtj9NQv85XLqtp%2FEdcqZRw30wuRvHjg01CphIAt3iCpXRQ%2BV1VNQphb2eopnXX81f0kF4CaNW4ToZSU4r69YD00JIpL0yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
82a588b8db0a9954-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=86bc1113-1113-4eb3-b372-9eb8000d3cd8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 23 Nov 2023 01:10:43 GMT
server
_
content-length
0
um
u-ams03.e-planning.net/ Frame E0CA
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=abf742fe032a068b&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ Frame BE3E
33 B
275 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
9d6e5a71a4d31d0b227fcaceced2ec1f080f11753c73b4c294af89cd7f4d9ce2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
15581
rtb.gumgum.com/usync/ Frame 23A9
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80ae3df00078545c5cc27477007822c75f1d659d3e93e41de0358fef10f7210f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
etag
W/"0d3d790c45787ce0b3fe0a69dbf78ceb0"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 0F22
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Nov 2023 01:10:43 GMT
csync
sync.adtelligent.com/ Frame 92D6
43 B
453 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGoOP8CWAjycq14Z
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent
15581
rtb.gumgum.com/usync/ Frame 2067
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b6a7f90a6ceb1c93e4d283e9b1b7efba5a2aaf60d89340bda202154c493ea0de

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
etag
W/"0bc06cebd9e7f6702fb6f258fd0bc980c"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame AE06
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Nov 2023 01:10:43 GMT
csync
sync.adtelligent.com/ Frame 152F
43 B
453 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGoOP8CWAjycq14Z
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:42 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent
usync.js
eus.rubiconproject.com/ Frame 1DB2
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72107
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
track
track1.aniview.com/ Frame 1AFE
0
145 B
Ping
General
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=conversation&cd4=69e8c91c-0d7c-450e-895d-53585b4e0e45&cd5=seZnCV1-LD5oVijTVIqd4IahhGIWyaZiLe0yrUrbhHwMkGt_mCihwE-LpyNk0d-k&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.6.1&cd11=A&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=948&he=533&test=&d36=6.2.143&apppkg=&fv=1&proto=https&clsid=8decdf0a-5e26-4569-9d1a-8392fe5c6a7b&rando=77
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mw
mwzeom.zeotap.com/ Frame F0F2
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df93...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b83962bb73-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
date
Thu, 23 Nov 2023 01:10:43 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame F0F2
95 B
204 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b7e92dbb73-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame F0F2
557 B
418 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6450c8a6c62eaf1fedc6484d92ef795d92c41e617693be348a90d22d7d45726a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
82a588b8395bbb73-FRA
access-control-allow-headers
*
csync
sync.spotim.market/ Frame 5E43
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 5E43
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a588b83e653a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:43 GMT
usync.js
eus.rubiconproject.com/ Frame 57D3
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72107
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
usync.js
eus.rubiconproject.com/ Frame 9CE0
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72107
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
usync.js
eus.rubiconproject.com/ Frame 99C9
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72107
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=1egP9nwwdGJhZWdtenJTRDBFdjVyUmtIRXREb2dwanZtL3RObFNZV3pDWG5tMVVwL29pQ1R4Nkd6b3FDSlhENitjL3Y0ZC83cHFidWZpeUN1R0RKOUJEZitlSnFnWUU2TjVPTXBrbU1VRDlMa0VoVUlqL3pNcDU5dmY3enhFNnNvUUo0dE9qbE11M2kyclNJcC9CcFdCdHAzbVU1ZlFJNUJCdFZsbFVURk1MQzZlZnVaV3g5a2J0d1IxQS9ld3hIYlVwMFE2TllkbzgrakVXRlNWdlZiRmg2ZEcrelNadFFCd2MzQStlUHFLQ0s4OVUzMVkrc0p1YWdaZE8rVU56L05IZlpBfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
167724
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
692.json
id5-sync.com/g/v2/ Frame BE3E
251 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
4b0cc00e989a9c02a5fcea4e4dde896eecd27e592c2764802ebcde76d4c6821e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
108
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/108
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
112
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/112
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
150
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/150
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
121
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/121
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
126
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/126
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
129
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/129
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
147
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/147
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
106
match.deepintent.com/usersync/ Frame E407
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/106
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
108
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/108
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
112
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/112
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
150
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/150
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
121
match.deepintent.com/usersync/ Frame 4B1D
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/121
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
126
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/126
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
129
match.deepintent.com/usersync/ Frame 4B1D
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/129
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
147
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/147
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
106
match.deepintent.com/usersync/ Frame 4B1D
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/106
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
v1
lb.eu-1-id5-sync.com/lb/ Frame F38E
33 B
275 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ad1c4b815f05957ef937c30c713c9d3ee412d21021d5876ec8952ff6b493043d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
user-sync.adxpremium.services/ Frame 9531
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
86 B
688 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
setuid
user-sync.adxpremium.services/ Frame 78A1
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
86 B
688 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9ee79f2a1b71a9f83c4086b1746a1737433284935135a950482df547de8ddba8
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
/
s.console.adtarget.com.tr/sync/ Frame 946F
0
274 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.jcontentcdn.com/
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5232::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/sync.html?aid=755289
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
s.console.adtarget.com.tr/sync/ Frame CC69
0
274 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.annocdn.com/
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5232::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/sync.html?aid=755289
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
khaos.json
token.rubiconproject.com/ Frame 1DB2
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
e658dd58-e7ec-4ed6-8856-ac8afa93dc45
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 2067
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4e855d2d-b4ff-468b-8030-040696ea34de&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 2067
43 B
120 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Date
Thu, 23 Nov 2023 01:10:43 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
content-length
0
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=982d105c-ecab-4c16-aa53-33e800b6d8b9
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=982d105c-ecab-4c16-aa53-33e800b6d8b9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=982d105c-ecab-4c16-aa53-33e800b6d8b9
Date
Thu, 23 Nov 2023 01:10:44 GMT
Connection
keep-alive
X-CI-RTID
532f6ffc-2bde-407f-99e0-eefa28c02ff6
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 2067
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4e855d2d-b4ff-468b-8030-040696ea34de&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2067
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8BYAYhoRWDZP&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8BYAYhoRWDZP&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=8BYAYhoRWDZP&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 2067
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
um
sync.e-planning.net/ Frame 2067
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=abf742fe032a068b&uid=e_4e855d2d-b4ff-468b-8030-040696ea34de
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
5f0d8fe1-0347-43b6-8fb0-612714e4d7d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_13666cc5-5252-4d01-9988-a2dde8979b38&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c71ac20b-29df-4fbc-99a8-fb3695f0bdbe&expires=1&user_group=2&ssp=gumgum2&bsw_param=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=a18799cb-5f59-40fc-bd3f-1583fe87c7b0&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 23 Nov 2023 01:10:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 23A9
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd466ae-bbad-599e-6cce-d03577804d2e$ip$80.255.10.199
Date
Thu, 23 Nov 2023 01:10:43 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-iavCYlpE2pfiIZVGKwkOqsc_0eX9U.khsA2J~A
content-length
0
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b5f685b8-37fa-4b5c-95d5-5cecdffb19cf
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b5f685b8-37fa-4b5c-95d5-5cecdffb19cf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b5f685b8-37fa-4b5c-95d5-5cecdffb19cf
Date
Thu, 23 Nov 2023 01:10:44 GMT
Connection
keep-alive
X-CI-RTID
d7a0e1e4-0735-46eb-aded-08549653111b
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 23A9
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_13666cc5-5252-4d01-9988-a2dde8979b38&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 23A9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=YwdHHfnVEujv&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=YwdHHfnVEujv&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 01:10:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=YwdHHfnVEujv&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 23A9
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:42 GMT
content-length
0
um
sync.e-planning.net/ Frame 23A9
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=abf742fe032a068b&uid=e_13666cc5-5252-4d01-9988-a2dde8979b38
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Thu, 23 Nov 2023 01:10:43 GMT
content-type
image/gif
692.json
id5-sync.com/g/v2/ Frame F38E
251 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
9432dc074b4f5712a455be9eee14eb96d2f55ace2ec88a11d31b63704793234e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 9CE0
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame F38E
146 B
374 B
Fetch
General
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.29.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea78c5f1cba3167ade713e23c630bb56c83c30483b57db9552c9ef1446da3b79

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
x-amzn-trace-id
Root=1-655ea694-42ff459e6e10622b63b1d1cf
x-amzn-requestid
ea90f645-533a-48e7-85a0-5ad8da909caf
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
O073NHj_vHcEsXg=
content-length
146
usersync
rtb.gumgum.com/ Frame 1BA8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5327810569399153408&gdpr=&gdpr_consent=
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5327810569399153408&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:44 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5327810569399153408&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 282C
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ZTg1NWQyZC1iNGZmLTQ2OGItODAzMC0wNDA2OTZlYTM0ZGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C54
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 01F1
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7A3D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8XYAALgqW9wAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8XYAALgqW9wAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:44 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8XYAALgqW9wAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad13.dc4p.scaleout.jp
X-SO-IP
80.255.10.199
X-SO-Key
ZV6mlMCo8XYAALgqW9wAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZV6mlMCo8XYAALgqW9wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad13"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad13
usersync
usersync.gumgum.com/ Frame E4CB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3F9F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
rtb.gumgum.com/ Frame 8450
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=7464508210251001830&gdpr=&gdpr_consent=
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=7464508210251001830&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:44 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=7464508210251001830&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 92E9
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMzY2NmNjNS01MjUyLTRkMDEtOTk4OC1hMmRkZTg5NzliMzg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F14F
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 8C2F
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 51C1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8X0AABYv8N8AAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8X0AABYv8N8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:44 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZV6mlMCo8X0AABYv8N8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40266.dc2p.scaleout.jp
X-SO-IP
80.255.10.199
X-SO-Key
ZV6mlMCo8X0AABYv8N8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZV6mlMCo8X0AABYv8N8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40266"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40266
usersync
usersync.gumgum.com/ Frame 5E8C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:44 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 358B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dabf742fe032a068b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 01:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sid
mug.criteo.com/ Frame 4B51
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
  • https://mug.criteo.com/sid?cpp=uggj73wxeWdnRzRHcURBNTQ5emczZUNGdXh2T2xkbTViTFhNU09naisxdk1NTmpCN1VDQUV5VHRsb0EwU1NjVmJURzBwSkVtb3R6TE43Zi82SHZkcVFJL1JOVG1SZndyMXVGUlVzZWVMb0NOVklmUTk4ZHNLaGNIY0twUj...
354 B
645 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=uggj73wxeWdnRzRHcURBNTQ5emczZUNGdXh2T2xkbTViTFhNU09naisxdk1NTmpCN1VDQUV5VHRsb0EwU1NjVmJURzBwSkVtb3R6TE43Zi82SHZkcVFJL1JOVG1SZndyMXVGUlVzZWVMb0NOVklmUTk4ZHNLaGNIY0twUjZZT3dwcTlxcEZ5c3VsZGhnd3hGMW1COTFZeXhaV3d1YTlMZENGQzRBT09GcVpBYTBvUmMydTB3bW8zeGFRM1ZpR1VheE9FbUIyRWJrMjNvVjBKZlU1TnhSNWs4ekJIM0FTbGw5WW5OZDRqOFlxU1ZQcE5JPXw&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
62fa333d425bc05720d7bc033a697fd322a2deaf42d775e360cb7d4f5aebc507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
431837
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=uggj73wxeWdnRzRHcURBNTQ5emczZUNGdXh2T2xkbTViTFhNU09naisxdk1NTmpCN1VDQUV5VHRsb0EwU1NjVmJURzBwSkVtb3R6TE43Zi82SHZkcVFJL1JOVG1SZndyMXVGUlVzZWVMb0NOVklmUTk4ZHNLaGNIY0twUjZZT3dwcTlxcEZ5c3VsZGhnd3hGMW1COTFZeXhaV3d1YTlMZENGQzRBT09GcVpBYTBvUmMydTB3bW8zeGFRM1ZpR1VheE9FbUIyRWJrMjNvVjBKZlU1TnhSNWs4ekJIM0FTbGw5WW5OZDRqOFlxU1ZQcE5JPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
246822
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 4B51
135 B
416 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 4B51
43 B
318 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.45.12.168
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 4B51
63 B
422 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4d8de01ad29f8d43c9a8639d185fe4dacc10fdde514e6898b43944e0617960d9

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 01:10:43 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1CD9
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"623de86a-cf34"
Expires
Fri, 24 Nov 2023 01:10:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC33
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 822F
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78edd19a5f2a3cbb51e5a1f3df7b5babfde5fb3bc80326a03dc8b2d18af828c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8052
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Sat, 25 Nov 2023 01:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
onetag-sys.com/usync/ Frame F67E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 4707
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
310
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82a588bcbe6abbb0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 05:10:43 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F081
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
syncpixel.html
cdn.deepintent.com/ Frame 3A4A
2 KB
2 KB
Document
General
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Thu, 23 Nov 2023 00:44:23 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ABPtcPr6CFeEO6ZHxga4BWaKFqOAq218PRJPCRftzAybOYXBWJLq6dMPvQNTxUdMHXhHonmbnHg
/
onetag-sys.com/usync/ Frame E1C6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1700701839460&gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 91BB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
43 B
457 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:43 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 23 Nov 2023 01:10:43 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=Hs6GrBZHObQumfFsTDKeQlu7
X-Sovrn-Pod
ad_ap3ams1
isyn
prebid.a-mo.net/ Frame 106B
148 B
244 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
951b7d63c67a14bf5fb41581a8515353f456724c9eca4aaea220315c913a07af

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
isyn
prebid.a-mo.net/ Frame 76FD
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 23 Nov 2023 01:10:43 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E0A
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Thu, 23 Nov 2023 18:55:54 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
%25%25YOUR_COOKIE_SYNC_URL%25%25
sync.app.copper6.com/ Frame 84BE
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.app.copper6.com%2Fcsync%3Fredir%3D%25%25YOUR_COOKIE_SYNC_URL%25%25
  • https://sync.app.copper6.com/csync?redir=%%YOUR_COOKIE_SYNC_URL%%
  • https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
21 B
166 B
Document
General
Full URL
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
21
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Adtelligent

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 01:10:43 GMT
Etag
3cdf9bd93e9bc473
Location
https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Server
Adtelligent
beacon
ap.lijit.com/ Frame 424A
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 23 Nov 2023 01:10:43 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
csync
sync.spotim.market/ Frame 2079
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 01:10:43 GMT
Etag
3cdf9bd93e9bc473
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fbbe61e1-9b63-4d11-8041-907d185215a0
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7672818372472082626&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 4B51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322329716308519&expires=30&ssp=sonobi
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322329716308519&expires=30&ssp=sonobi
Protocol
H2
Server
18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322329716308519&expires=30&ssp=sonobi
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 4B51
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=o4IZsbDPH9h8wcVevKBDlZMM12YQ4PmPeK6CD6fRLKs&pi=sonobi
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT, Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
9.gif
id5-sync.com/i/102/ Frame 4B51
43 B
920 B
Image
General
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 01:10:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
us.gif
sync.go.sonobi.com/ Frame 4B51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
5505e415-ea68-4bac-bf1f-2f696c89338d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7672818372472082626
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 4B51
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5124322329716308519
Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 4B51
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame 4B51
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=HdRmrrutWZ5sztA1d4BNLlD_Csc
Date
Thu, 23 Nov 2023 01:10:43 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 4B51
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cdf5c95b-b35b-499f-a061-ced33c0f0dce&gdpr=0&gdpr_consent=
43 B
444 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cdf5c95b-b35b-499f-a061-ced33c0f0dce&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cdf5c95b-b35b-499f-a061-ced33c0f0dce&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
893081
content-length
0
expires
Thu, 23 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B51
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 4B51
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7672818372472082626&gdpr=0&gdpr_consent=
43 B
373 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7672818372472082626&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
an-x-request-uuid
f0d8feba-0abb-4008-828d-f6cc3e641bd2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7672818372472082626&gdpr=0&gdpr_consent=
x-proxy-origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 4B51
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fcc35494-4c25-4052-8fd4-c7b306b4a6fb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RzZDWTcyRTZQemlJdjFQeHBNR1dsQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
49 B
486 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEF04hs4kMTTgDKXMbhEWGdQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ID1=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame 4B51
0
0
Image
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.228.164.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

/
rtb-csync.smartadserver.com/redir/ Frame 4B51
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Mjk1MDEyMzkzNzA1MDA2ODUyMw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENO0PlirjFA2VPnvs1tXlPg&gdpr=0&gdpr_consent=&google_cver=1
43 B
404 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENO0PlirjFA2VPnvs1tXlPg&gdpr=0&gdpr_consent=&google_cver=1
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:42 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENO0PlirjFA2VPnvs1tXlPg&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=87880&dpuuid=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
dpm.demdex.net/ Frame 4B51
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.18.28.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-28-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-028c9a153.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
ADgbhDXPQ6Y=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ Frame 4B51
47 B
47 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X0MMJ4SC4YB98F1F1YK1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
usg.gif
sync.go.sonobi.com/ Frame 4B51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmNjMzU0OTQtNGMyNS00MDUyLThmZDQtYzdiMzA2YjRhNmZi
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
49 B
367 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-28
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEMiUvxrw0KMWMIcLX12UlEk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/ Frame 4B51
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame
0
0
Preflight
General
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.29.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Thu, 23 Nov 2023 01:10:44 GMT
x-amz-apigw-id
O073LE74vHcEWZg=
x-amzn-requestid
becd5630-07e3-4da0-92d1-e65399c8ddbc
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&cw=1&pbt=1&lsw=1&us_privacy=1---&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
177371
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=uggj73wxeWdnRzRHcURBNTQ5emczZUNGdXh2T2xkbTViTFhNU09naisxdk1NTmpCN1VDQUV5VHRsb0EwU1NjVmJURzBwSkVtb3R6TE43Zi82SHZkcVFJL1JOVG1SZndyMXVGUlVzZWVMb0NOVklmUTk4ZHNLaGNIY0twUjZZT3dwcTlxcEZ5c3VsZGhnd3hGMW1COTFZeXhaV3d1YTlMZENGQzRBT09GcVpBYTBvUmMydTB3bW8zeGFRM1ZpR1VheE9FbUIyRWJrMjNvVjBKZlU1TnhSNWs4ekJIM0FTbGw5WW5OZDRqOFlxU1ZQcE5JPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 01:10:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189776
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F081
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72106
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
csync
sync.spotim.market/ Frame 106B
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:43 GMT
Server
Adtelligent
Etag
3cdf9bd93e9bc473
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 106B
4 KB
2 KB
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS50-C1
age
516
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a588bd19013a79-FRA
x-amz-cf-id
vlI0ZG8VuVAreg5Dt4JuwOVmpoJJZDIVDSAuSP_MVMAu7EwKw-Mk3w==
expires
Thu, 23 Nov 2023 02:10:44 GMT
usync.js
eus.rubiconproject.com/ Frame 3F9F
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72106
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
usync.js
eus.rubiconproject.com/ Frame 358B
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 01:10:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72106
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:30 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 4B51
33 B
275 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
89baa1b4b97a811a6983b0fb239f2df4736f6c2a17b74c639246672740a8711c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
108
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/108
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
112
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/112
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
content-length
0
server
a
150
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/150
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
121
match.deepintent.com/usersync/ Frame 3A4A
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/121
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
content-length
0
server
a
126
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/126
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
129
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/129
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
147
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/147
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:44 GMT
content-length
0
server
a
106
match.deepintent.com/usersync/ Frame 3A4A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/106
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:43 GMT
content-length
0
server
a
khaos.json
token.rubiconproject.com/ Frame 57D3
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
692.json
id5-sync.com/g/v2/ Frame 4B51
251 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
5a7415a6ff0333095839423e485a0c336a6eed4ce10d6784ec7d2ed8e22d16f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Thu, 23 Nov 2023 01:10:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 99C9
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
khaos.json
token.rubiconproject.com/ Frame F081
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
sync
vid.vidoomy.com/ Frame 31FE
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 01:10:44 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
320411
x-77-cache
HIT
x-77-nzt
EQwBnJIhiAH3m+MEAA
x-77-nzt-ray
f6587a1d872f7a5a95a65e65b6c81b00
x-77-pop
frankfurtDE
x-accel-date
1700381433
x-accel-expires
@1701418233
x-age-lb
320411
x-cache-lb
HIT
sync
vid.vidoomy.com/ Frame 4284
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 01:10:44 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
320411
x-77-cache
HIT
x-77-nzt
EQwBnJIhiAH3m+MEAA
x-77-nzt-ray
f6587a1d872f7a5a95a65e656c740100
x-77-pop
frankfurtDE
x-accel-date
1700381433
x-accel-expires
@1701418233
x-age-lb
320411
x-cache-lb
HIT
khaos.json
token.rubiconproject.com/ Frame 3F9F
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
khaos.json
token.rubiconproject.com/ Frame 358B
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame BB8E
155 B
656 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 06:20:12 GMT
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
67834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
qKzFCtDiMdNMIS3vEoJOMochbrj4NEsgOhzB8zufvZcWLJqtro2F1Q==
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 4BC3
155 B
655 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 06:20:12 GMT
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
67834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
-zSNXHfHuGt-8-5Ywi9xB8moLvonPHLu2JpDy7rMdJr6lgtqchHyGg==
setuid
user-sync.adxpremium.services/ Frame 9531
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
0
0

setuid
user-sync.adxpremium.services/ Frame 78A1
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
0
0

data
bcp.crwdcntrl.net/6/ Frame BB8E
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1a06e147cfc5cba1b8b0ab97b52b5a5711f754a8fcf370348919fd7a26de8d38

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.7.50
access-control-allow-credentials
true
content-length
60
expires
0
data
bcp.crwdcntrl.net/6/ Frame 4BC3
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b86b8cc713fda05d14a164b04dc278ea91cdb27ae3ccedf704bd87d88336896f

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 01:10:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.11.76
access-control-allow-credentials
true
content-length
60
expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 4284
0
0

urlsvid.json
vpaid.vidoomy.com/sync/ Frame 31FE
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3ezl4ajpp2zy8.cloudfront.net
URL
https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=34e68461-c02d-4ac1-6351-b3057e58c27c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=f9341ab5-dafc-42da-578f-2a3b998f439b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Domain
user-sync.adxpremium.services
URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Domain
user-sync.adxpremium.services
URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV6mjkoPYbSZosfd0TjSlQAA%263249
Domain
vpaid.vidoomy.com
URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Domain
vpaid.vidoomy.com
URL
https://vpaid.vidoomy.com/sync/urlsvid.json

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| CloudflareApps object| marfeel object| mrf boolean| isMobileDevice function| $ function| jQuery function| validateEmail function| mobileMoveRight function| mobileMoveLeft function| ccbForcedQueries function| editorialForcedQueries function| resize_single_cols function| sfCustomFBShare function| putPersonCreate function| form_subscribe function| isElementInViewport object| Sha1 object| sfgs_data object| __core-js_shared__ object| _bt object| email_subscr function| get_cookie string| BOOMTRAIN_API_KEY_1 string| BOOMTRAIN_API_KEY_2 function| gtag object| dataLayer function| fbAsyncInit object| blogherads function| fbq function| _fbq object| _mag function| hj object| _hjSettings function| kwa object| se object| fs function| vglnk object| _qevents object| _paq object| __pmc_atlas_mg_webpack_jsonp__ object| google_tag_manager object| google_tag_data undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| googletag object| gaGlobal object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| MoatUA object| __pmc_atlasmg_pbjs object| _pbjsGlobals function| __uspapi function| __tcfapi object| BAMX function| P function| Composable object| BAMX_EVENT_DATA object| NRTV_EVENT_DATA object| NRTV_LINKMATE_DATA object| NRTV_CLICKMATE_DATA object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB object| __buffer boolean| __v5k function| vl_cB function| vl_disable function| quantserve function| __qc object| ezt object| _qoptions object| DataLayer function| ___RMCMPW function| lightboxjs function| lightboxlib string| sbiajaxurl function| validatewEmail function| setCookie function| getCookie function| setMyCookie object| cookieOverlay object| cookieBottom object| $lightboxOverlay object| $lightboxBottom number| windowHeight number| windowWidth object| $lightboxOverlayContent object| $lightboxOverlayContentHTML object| $lightboxOverlayClose object| $lightboxOverlayImage undefined| lightboxOverlayImageWidth undefined| lightboxOverlayImageHeight object| visit object| expire object| $lightboxBottomContent object| $lightboxBottomContentHTML object| $lightboxBottomClose object| $lightboxBottomImage undefined| lightboxBottomImageWidth undefined| lightboxBottomImageHeight object| regeneratorRuntime number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| pbjs function| requestSellwildBids function| initAdserver function| runWidgets object| cmp object| cmpConfiguration object| nodeScript function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson object| __OPEN_WEB__ object| process object| mobileMargins object| m101 boolean| mtz101Loaded function| extend object| config function| shoppingWidget function| priceComparison function| observeDom function| init object| GlobalSnowplowNamespace function| snowplowKW object| PARSELY object| pbjsChunk object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| ggeac object| google_js_reporting_queue object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| Snowplow undefined| google_measure_js_timing object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17108957389347337907_1700701836356 function| owActionQueue object| jQuery17108957389347337907 object| webpackChunknotifications object| webpackChunkpitc object| webpackChunkconversation object| DD_LOGS object| __SPOTIM_DEV_STORE__ function| __SPOTIM_DISABLE_ADS__ function| avPlayer function| vglnk_17007018378016 undefined| vglnk_17007018378017 object| storageAni undefined| vglnk_17007018381699 object| hadron boolean| __halo_loaded__ object| au object| __bt_intrnl

133 Cookies

Domain/Path Name / Value
www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients Name: cookie_two
Value: here
www.shefinds.com/iframe-modal Name: cookie_two
Value: here
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDIFg
.shefinds.com/ Name: btIdentify
Value: 5ea96f80-d0d2-4d33-fc30-03dddd457eb0
.shefinds.com/ Name: _bti
Value: %7B%22bsin%22%3A%22%22%7D
.shefinds.com/ Name: _bts
Value: b19caacd-b75a-4231-89da-71648e7c2317
.shefinds.com/ Name: _ga_SPS2TCRBW2
Value: GS1.1.1700701835.1.0.1700701835.0.0.0
.shefinds.com/ Name: _ga
Value: GA1.1.734051138.1700701835
.lightboxcdn.com/ Name: _cfuvid
Value: o_OIw8x_Ad1mWyqiGaXSnxs_4J9sYm..KcO89p0RIMM-1700701835782-0-604800000
.shefinds.com/ Name: _fbp
Value: fb.1.1700701835797.75550604
.shefinds.com/ Name: _hjSessionUser_368258
Value: eyJpZCI6ImQyNGNiODhiLWQ4N2YtNWRjMy1hMDJhLTc0NTE0OGQ5MWQyZSIsImNyZWF0ZWQiOjE3MDA3MDE4MzU5NDAsImV4aXN0aW5nIjpmYWxzZX0=
.shefinds.com/ Name: _hjFirstSeen
Value: 1
.shefinds.com/ Name: _hjIncludedInSessionSample_368258
Value: 0
.shefinds.com/ Name: _hjSession_368258
Value: eyJpZCI6IjhiNGU3ZDRkLWYxMjgtNGQwYS1iNzhkLTlmODAzMmExNjZjMyIsImNyZWF0ZWQiOjE3MDA3MDE4MzU5NDEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.shefinds.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.shefinds.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/%22%2C%22sref%22:%22%22%2C%22sts%22:1700701836032%2C%22slts%22:0}
.shefinds.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=cb08f7ac6f1f8fcab95555512a7883b7%22%2C%22session_count%22:1%2C%22last_session_ts%22:1700701836032}
.shefinds.com/ Name: kw.session_ts
Value: 1700701836087
.shefinds.com/ Name: kw.pv_session
Value: 1
www.shefinds.com/ Name: _pk_id.2.25f6
Value: e4ffd1488dcd76c4.1700701836.
www.shefinds.com/ Name: _pk_ses.2.25f6
Value: 1
.narrativ.com/ Name: uid_bam
Value: 1826114692262673635
www.shefinds.com/ Name: gdpr-auditId
Value: 0797d44593e549fa99f800d741b75cb6
.shefinds.com/ Name: _sp_ses.20dc
Value: *
.shefinds.com/ Name: _sp_id.20dc
Value: be43cfd1-44d3-4b10-bf9f-33e05e286d26.1700701836.1.1700701836.1700701836.e3d74c37-60ab-4a3f-9a15-b3f0861eca95
www.shefinds.com/ Name: geo-location
Value: {"country":"DE","region":""}
.postrelease.com/ Name: opt_out
Value: 1
www.shefinds.com/ Name: ntvSession
Value: {"id":4354007,"placementID":1095776,"lastInteraction":1700701836380,"sessionStart":1700701836380,"sessionEndDate":1700780400000,"experiment":""}
.rev-stripe.com/ Name: piuid
Value: 23bbe11ce77fd94dbd33881fd1795bdd
.spot.im/ Name: device_uuid
Value: be6ba606-044e-4070-9e1d-7022439f1a3c
.shefinds.com/ Name: spotim_visitId
Value: {%22visitId%22:%22be6ba606-044e-4070-9e1d-7022439f1a3c%22%2C%22creationDate%22:%22Thu%20Nov%2023%202023%2002:10:36%20GMT+0100%20(Central%20European%20Standard%20Time)%22%2C%22duration%22:1}
.lightboxapi.azurewebsites.net/ Name: TiPMix
Value: 85.1325498698154
.lightboxapi.azurewebsites.net/ Name: x-ms-routing-name
Value: self
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfS1ZPT2dqaEdXMWVWIiwiZGlzcGxheV9uYW1lIjoiQ3lhbkxhbXAiLCJ1c2VyX25hbWUiOiJDeWFuTGFtcCIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNDeWFuLUxhbXAiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNzAwNzAxODM3LCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMxMTIzSThQVzRhLmMxZGY3YzczMzI3MzZjYjQ2MWRjNzZhYWE3OGY0ZjdlMGNjM2Q1NGVlYTc5NDYwNTgxMDc2MDYwMjM4MjgxYmEiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfTzhkVWs4WnhEVFdzUDBOVWRmbDgiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjkxMjM4MzcsInN1YiI6InVfS1ZPT2dqaEdXMWVWIn0.I7AbmehChUyDiyuWjSyaqSYxqsJoB9H1BhGCIlpCPvc
www.shefinds.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.shefinds.com/ Name: _pubcid
Value: 7d43c5f4-7201-4ff3-aa02-e5f0d9efdf30
.openx.net/ Name: i
Value: 5dca54bf-1b6c-4a1d-a7bd-b0878dd5f2e5%7C1700701838
.adnxs.com/ Name: uuid2
Value: 7672818372472082626
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.casalemedia.com/ Name: CMPS
Value: 3303
.casalemedia.com/ Name: CMID
Value: ZV6mjkoPYbSZosfd0TjSlQAA
.casalemedia.com/ Name: CMPRO
Value: 3249
.shefinds.com/ Name: lotame_domain_check
Value: shefinds.com
.spotim.market/ Name: vmuid
Value: 3cdf9bd93e9bc473
.spotim.market/ Name: a323548
Value: 7672818372472082626
.adtelligent.com/ Name: vmuid
Value: 3cdf9bd93e9bc473
.adtelligent.com/ Name: a323546
Value: ZV6mjuTGgZKJt24TvbqFLAAA&1198
.spotim.market/ Name: a482928
Value: b7b8e429-0b74-4603-96e7-b87a68a90395
.app.copper6.com/ Name: vmuid
Value: 3cdf9bd93e9bc473
.turn.com/ Name: uid
Value: 8360122921520775269
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cba9f484-fa84-4304-9794-8bec57a29061-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cba9f484-fa84-4304-9794-8bec57a29061-003%22%7D
.spotim.market/ Name: a708476
Value: RX-cba9f484-fa84-4304-9794-8bec57a29061-003
.adnxs.com/ Name: icu
Value: ChgIp95KEAoYASABKAEwj836qgY4AUABSAEQj836qgYYAA..
pbjs.e-planning.net/ Name: CT
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 482769=5728390
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0
.rubiconproject.com/ Name: khaos
Value: LPAHYPSY-5-6VYI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr8QKZYo2zGEuQFbWGgM44fR/rFJVNr6iJ7fdy5ErN6p7B9UezJzX5KX7fFUyHGJdRd+FQ8so4GLeBxGCOXoSK1h157jYexZf6+xUA9sgf/4b7FQD2yB//h
.smartadserver.com/ Name: pid
Value: 2950123937050068523
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1309387560%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0&c=1&l=778303439&lo=-234712989&lt=638362986394533970&o=1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uin_ex
Value: 1
.lijit.com/ Name: ljt_reader
Value: Hs6GrBZHObQumfFsTDKeQlu7
.e-planning.net/ Name: E
Value: AGoOP8CWAjycq14Z
.go.sonobi.com/ Name: __uis
Value: fcc35494-4c25-4052-8fd4-c7b306b4a6fb
.go.sonobi.com/ Name: _usd_shefinds.com
Value: 4f8ac5e4-e1d0-442a-93c7-ccf6e96fed09
.go.sonobi.com/ Name: __uir_z1
Value: 28167039
.go.sonobi.com/ Name: __uir_ex
Value: 28167039
.go.sonobi.com/ Name: __uir_a9
Value: 28167039
.ads.pubmatic.com/ Name: KCCH
Value: YES
.zeotap.com/ Name: zc
Value: f9341ab5-dafc-42da-578f-2a3b998f439b
.3lift.com/ Name: tluid
Value: 3522532217855601334478
.zeotap.com/ Name: zsc
Value: %F7%B5%B5%7F%C5%EA%7DG%EEahg%A3X%04%B3%A4%F2%DBW%BD%8A%3F%D0%E5%C8%24%BD%AA%ED%FA%E0%87%DFUg%96%DE%22z%80%25a%F2%A2%01P~%7D%A8e%986%D5a%12%82%BA%F8%3A%04ZS%E2%AE%D32%11%FF%7F%B0%9C%82%28%04%DA%0CH%97%29%BC%B6%12%C7%18%8C%CEF%19%960%D7%24%01%C6y%84%F2R%3A%E5%A3%B9%8C%A5jmR%12%FDA%13%E8%06%AC%C1%DF9%D9%F1%22%88%DC%02yNj%F1%2F%DB%CC%A3%13%F9%B5e%F6%FB%1E%EDY%01i%2A%A4%96%1Bd%5D%BD%0B%9CVE%A0h%96%CB%FEWq%A1%3B%5B%12-%E8c%B9l%3A
.bidswitch.net/ Name: tuuid
Value: a18799cb-5f59-40fc-bd3f-1583fe87c7b0
.bidswitch.net/ Name: c
Value: 1700701843
.bidswitch.net/ Name: tuuid_lu
Value: 1700701843
.creativecdn.com/ Name: u
Value: B3wsDjNk6zMMfZq3XUyb
.creativecdn.com/ Name: g
Value: B3wsDjNk6zMMfZq3XUyb_1700701843105
.creativecdn.com/ Name: ts
Value: 1700701843
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQ3NDM2sDA1tBTiM9T1y0_1rqqsMirx9NIFADBoHIglAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQ3NDM2sDA1tBTiM9T1y0_1rqqsMirx9NIFADBoHIglAAAA
.adtelligent.com/ Name: a754412
Value: 0000EEA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.spotim.market/ Name: a323551
Value: Hs6GrBZHObQumfFsTDKeQlu7
.adfarm1.adition.com/ Name: UserID1
Value: 7304458795934808222
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjM1MjI1MzIyMTc4NTU2MDEzMzQ0NzgiLCJleHBpcmVzIjoiMjAyMy0xMi0wN1QwMjoxMDozOS44NzA4NzcxNzYrMDE6MDAifX0sImJkYXkiOiIyMDIzLTExLTIzVDAyOjEwOjM5Ljg3MDg3NTAzKzAxOjAwIn0=
.tapad.com/ Name: TapAd_TS
Value: 1700701843072
.tapad.com/ Name: TapAd_DID
Value: 3c7406a2-064a-4e66-9066-67fdcdc1074a
.doubleclick.net/ Name: IDE
Value: AHWqTUktzE0Q7lRJpra2s8YFjGXU2Cw5dAgsIwP3N34R9F2x-KEiBN8jICxZgFSB67A
www.shefinds.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-23T01%3A10%3A43%22%7D
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6746b1382751660a
.acuityplatform.com/ Name: auid
Value: 855584585918
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRX43KnmYmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV+Nyp5mI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.yahoo.com/ Name: A3
Value: d=AQABBJOmXmUCECNvXbzdEORqFBbno-mVSP0FEgEBAQH4X2VoZeAYyiMA_eMAAA&S=AQAAAni1EiDjgrKSPM6hZLg5GTo
.weborama.fr/ Name: AFFICHE_W
Value: ASmyRwH50XMB64
.go.sonobi.com/ Name: HAPLB8G
Value: s8628|ZV6ml
.adtelligent.com/ Name: a307971
Value: AGoOP8CWAjycq14Z
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-aabee7a5-6242-3e65-b0d7-ee14c8ffa694
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_2a9b282e-470d-495d-952b-0c62ca86c87e
.dpm.demdex.net/ Name: dpm
Value: 61740118269129071431117751714700008695
.demdex.net/ Name: demdex
Value: 61740118269129071431117751714700008695
.gumgum.com/ Name: vst
Value: e_13666cc5-5252-4d01-9988-a2dde8979b38
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2f7d
.csync.loopme.me/ Name: viewer_token
Value: 86bc1113-1113-4eb3-b372-9eb8000d3cd8
.ads.stickyadstv.com/ Name: UID
Value: c11575d43d1c016c4da81567d4764
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZV6mjkoPYbSZosfd0TjSlQAADLEAAAIB
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1dd466ae-bbad-599e-6cce-d03577804d2e.saLNx3Vz4Dz5WZQPZT%2FWUXBAmQfXtrc%2Bve6d3Gy3LyU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1dd466ae-bbad-599e-6cce-d03577804d2e.saLNx3Vz4Dz5WZQPZT%2FWUXBAmQfXtrc%2Bve6d3Gy3LyU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdRmrrutWZ5sztA1d4BNLlD_Csc.R9Sc5JkIHlnOQgYFVCdTsn19KpGLcHwg%2B%2BNNnO7WTSA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdRmrrutWZ5sztA1d4BNLlD_Csc.R9Sc5JkIHlnOQgYFVCdTsn19KpGLcHwg%2B%2BNNnO7WTSA
.agkn.com/ Name: ab
Value: 0001%3AQeU9Qz1rjpk%2FZbzmzuVtLudoXzasHyYm
.quantserve.com/ Name: d
Value: EBsBDQG_KuvLswA
.quantserve.com/ Name: mc
Value: 655ea693-5b4e8-c8e26-4bafe
.krxd.net/ Name: _kuid_
Value: P7p8cmEJ
.company-target.com/ Name: tuuid
Value: eb31808a-d0da-4d47-8289-ed3f58437407
.company-target.com/ Name: tuuid_lu
Value: 1700701843|ix:0
.bidr.io/ Name: bito
Value: AACdYk7KvU0AABK9vc6yJA
.bidr.io/ Name: bitoIsSecure
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHnJw-F91SQrGrUuhvXI5WTRPbgLpNX4sU0_5XLERb2bEHwYBCCTzfqqBjABOgRyABfNQgRLrshc.fGubbW4HTj5KbdML16kSTEPa5q7X87xHVmSCUSRxysY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHnJw-F91SQrGrUuhvXI5WTRPbgLpNX4sU0_5XLERb2bEHwYBCCTzfqqBjABOgRyABfNQgRLrshc.fGubbW4HTj5KbdML16kSTEPa5q7X87xHVmSCUSRxysY
.fwmrm.net/ Name: _uid
Value: ume4d21_7304467886251100424
.shefinds.com/ Name: cto_bundle
Value: 2Gl4UV9Td0lWdGVDcmJHY2hhVlYwM3BLUWdTQTM0YjlzVVo0Qkp2VDdZWHh5M3hoUlhMR21wT2t2RlpWRXc5NTBhQ01RUm9VZE1iNDFENVEwMDhOVG9mYXNna0ptMmdDQVdBdGRJYWFIcTg1YmUwOUE2WlpOU3FHSUhoRjhBaWNUOCUyRkxT
.shefinds.com/ Name: cto_bidid
Value: Fvpjkl90Y0hVbEx6JTJGczNzcXMwZFZTdDc4YmpCUHFHYjU0UXFwNUZJVzZsNDJPY2xHc2tGNUtiaGNWaXdxcGhCWmtiQXhacXVBUGpUbXBhenNVb2E0UHdPZlVRJTNEJTNE
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZV6mkwABoVliuwAM
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtobmBgbmBoYWJsZmC5ShSJb2xoAQA8btZsIAAAAA
.smartadserver.com/ Name: csync
Value: 49:7304458795933497502|76:CAESENO0PlirjFA2VPnvs1tXlPg|86:7672818372472082626|94:ZV6mkwABqHbi3QBH
.liadm.com/ Name: lidid
Value: b0228b5b-e9b6-460f-a731-189bdbe24492

53 Console Messages

Source Level URL
Text
network error URL: https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/runtime.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/polyfills.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/vendor.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/main.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security error URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Message:
Refused to execute script from 'https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---' because its MIME type ('image/gif') is not executable.
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1700701838386
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/vendor.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/main.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/polyfills.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/runtime.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dabf742fe032a068b%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f9341ab5-dafc-42da-578f-2a3b998f439b&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=34e68461-c02d-4ac1-6351-b3057e58c27c&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=abf742fe032a068b
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=05014bea-0d1a-407f-4775-56a31540b29a&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://tags.bluekai.com/site/87734?id=34e68461-c02d-4ac1-6351-b3057e58c27c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=34e68461-c02d-4ac1-6351-b3057e58c27c&reqId=0057727f-55eb-4a58-7f48-30215bc02a42&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=f9341ab5-dafc-42da-578f-2a3b998f439b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=54db2aaa-ee6d-4ea8-41dc-a625b438f448&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f9341ab5-dafc-42da-578f-2a3b998f439b&reqId=c3f546e4-eb42-463f-548b-42d90226f080&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.jcontentcdn.com/
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://p.annocdn.com/
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=fcc35494-4c25-4052-8fd4-c7b306b4a6fb
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ad232de9-bca9-4b3c-a88d-fe0ff745e545
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.app.copper6.com/%25%25YOUR_COOKIE_SYNC_URL%25%25
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Message:
The resource https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=8ea40670-ef46-4fa7-9d4a-2d08a9f8781d%3A1700701844.201286&_=1700701844.203331
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a610202f-416f-4b94-a789-ad8a4c335e2f%3A1700701844.058535&_=1700701844.067758
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.shefinds.com/collections/doritos-chips-recall-undeclared-ingredients/
Message:
The resource https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.blogherads.com
ads.pubmatic.com
ads.shemedia.com
ads.stickyadstv.com
ads.us.e-planning.net
adx.adform.net
adxbid.info
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.btloader.com
api.viglink.com
as.ck-ie.com
assets.a-mo.net
b1sync.zemanta.com
bc.marfeelcache.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
branding.revenuestripe.com
btloader.com
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
cache.sellwild.com
cdn.boomtrain.com
cdn.deepintent.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.keywee.co
cdn.parsely.com
cdn.viglink.com
cdnjs.cloudflare.com
cloud.typenetwork.com
cm.g.doubleclick.net
cmp-consent-tool.privacymanager.io
cms.analytics.yahoo.com
cms.quantserve.com
comparisons.sovrn.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cookies.nextmillmedia.com
creativecdn.com
csync.loopme.me
d.adroll.com
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net
d3r7h55ola878c.cloudfront.net
direct-events-collector.spot.im
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events.release.narrativ.com
fastlane.rubiconproject.com
fastly-cloud.typenetwork.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
ghb.adtelligent.com
ghb.app.copper6.com
ghb.spotim.market
go1.aniview.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.e-planning.net
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
images-prod.powerinboxedge.com
intljs.rmtag.com
jadserve.postrelease.com
js-sec.indexww.com
launcher.spot.im
lb.eu-1-id5-sync.com
lightboxapi.azurewebsites.net
links.release.narrativ.com
live.rezync.com
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
mtm.shefinds.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
onsite.boomtrain.net
p.annocdn.com
p.jcontentcdn.com
p.nodserving.com
p.rfihub.com
pbjs.e-planning.net
people.api.boomtrain.com
pix.spot.im
pixel-sync.sitescout.com
pixel.keywee.co
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.deepintent.com
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
prod.tahoe-analytics.publishers.advertising.a2z.com
publisher-assets.spot.im
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s.ad.smaato.net
s.company-target.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spl.zeotap.com
srv-2023-11-23-01.pixel.parsely.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.bam-x.com
static.criteo.net
static.hotjar.com
stripe.rs-stripe.com
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.adtelligent.com
sync.app.copper6.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
token.rubiconproject.com
tr.rev-stripe.com
track1.aniview.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
vpaid.vidoomy.com
web.hb.ad.cpe.dotomi.com
widget.sellwild.com
www.facebook.com
www.googletagmanager.com
www.lightboxcdn.com
www.shefinds.com
x.bidswitch.net
z-na.amazon-adsystem.com
bn01.er.bemail.it
d3ezl4ajpp2zy8.cloudfront.net
sync.tidaltv.com
user-sync.adxpremium.services
vpaid.vidoomy.com
104.102.36.95
104.18.36.155
108.138.36.36
108.138.37.209
124.146.153.167
13.248.245.213
130.211.16.136
130.211.23.194
141.95.33.120
141.95.98.65
142.250.186.70
142.250.74.194
143.204.215.101
145.40.97.66
15.197.193.217
151.101.1.91
151.101.129.91
151.101.130.217
151.101.130.49
151.101.194.207
154.59.122.79
162.55.233.28
169.197.150.7
172.64.149.180
173.0.146.6
176.34.182.11
178.250.1.9
18.158.167.70
18.159.232.130
18.165.219.30
18.173.154.46
18.173.154.6
18.173.154.84
18.173.155.56
18.173.184.62
18.173.187.22
18.173.187.42
18.173.187.61
18.195.156.219
18.245.60.103
18.66.112.104
18.66.112.59
18.66.122.25
18.66.122.52
18.66.192.117
18.66.192.9
184.30.211.26
185.106.140.18
185.15.245.83
185.184.8.90
185.64.189.112
185.83.71.234
185.86.138.123
185.86.138.152
185.86.139.102
185.89.211.12
193.0.160.131
193.3.178.2
193.3.178.3
198.47.127.19
199.232.197.131
2.18.160.221
20.225.97.235
20.40.202.0
2001:4860:4802:32::36
205.234.175.175
208.93.169.131
209.192.201.180
216.52.2.16
23.211.9.60
23.212.211.47
23.213.164.238
23.52.120.246
23.52.120.27
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2600:9000:211e:b800:1b:5138:8a40:93a1
2600:9000:223c:9600:6:44e3:f8c0:93a1
2600:9000:2250:9a00:16:f82a:8600:93a1
2600:9000:237d:8400:e:ec66:e40:93a1
2600:9000:2491:2800:4:b37b:9440:93a1
2600:9000:2491:ca00:11:2a6a:9480:93a1
2602:803:c003:200::44
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:36e8
2606:4700:10::6816:4bd8
2606:4700:10::6816:4e8f
2606:4700:10::ac43:17ea
2606:4700:10::ac43:db6
2606:4700:20::681a:246
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700::6813:9f13
2606:4700::6813:d483
2606:4700:e2::ac40:8413
2607:ae80:4::25
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:58c::2c79
2a02:6ea0:c700::17
2a02:fa8:8806:13::1460
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:cc3:fe04:3684:ac58:ec44:5836
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
2a0c:5c87:5232::2
2a0c:5c87:5239::2
2a0c:5c87:5241::2
3.214.189.170
3.229.230.187
3.71.149.231
34.102.147.248
34.111.113.62
34.111.131.239
34.120.63.153
34.160.236.64
34.205.13.79
34.246.122.87
34.247.205.196
34.247.75.63
34.254.143.3
34.96.71.22
35.186.253.211
35.210.239.72
35.214.172.60
35.244.159.8
35.244.174.68
37.157.2.229
37.157.6.232
45.133.44.3
45.133.44.4
46.228.164.11
46.228.164.13
46.228.174.115
46.228.174.117
50.112.29.170
50.31.142.95
51.68.39.188
51.89.9.254
52.0.133.59
52.18.28.96
52.19.228.53
52.209.20.66
52.21.143.58
52.211.88.8
52.213.93.159
52.222.214.115
52.222.250.70
52.30.78.43
52.4.98.207
52.42.244.86
52.86.219.183
52.87.93.35
54.204.56.198
54.82.32.1
54.86.230.223
65.9.66.104
67.202.105.21
67.220.228.202
69.166.1.32
69.166.1.34
69.173.144.139
8.2.110.113
8.2.110.17
85.114.159.118
92.123.20.20
96.126.111.33
96.46.186.186
98.98.134.241
99.81.36.1
99.84.88.119
99.84.88.8
99.84.88.84
99.84.93.105
99.86.4.128
00b4a0160b5a8a37c4e7cd80a001208f8a92fb513bf3a2332917aee55038852e
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
016209754f5b92f7cce3c66c0035d8fcf48b11d08881319155a3476824a1582d
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d
045f1ee92ab9aa27960770472e64e754975d3a74b55a82322ab6a78dcf98056e
05509b0c3ff2afb3ae0dd150d54cd5244a04e3764e0d18014a9506245a2e64f4
05607c46a0e139efa15b9f19a19b5c497fcf2bf908caab0a36ad2f51203dee5b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a38dd6b76a7afc9b1823eec0927fed373e4125febbe9fac2779b3fc74483b0
07b930a852941f8adc30abd6fd3e560455924774f6cc4371d4f6e85144721f89
07ba114757fb383a3fcd2329b7844e5582700f652c3664a5058e65f52bf308ff
082716f79dd5be3b8c16af34f54840685842cf86250a8b7fb0096ef04ebca04a
0828ffd7a28dd19d418cbc4101f7ecbfd9fbee640afc279728ce91122ece4ca4
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9
0a3ac75222b5a988398196142ff6e3f3952334c71225a9f5f95d94a988718cc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0b9b5c5fc4114c994452c3659a20cbf0618d815d9eb2b74d3f53ad7b2d832e19
0bacad52397dddc457837f258b91e1f3380c5df8dcc26ec9e2cbf45e59ff3745
0c76817348da95aa12b086a2d8dc71b98f4fcd4bf68eef15ab363216df3fb76e
0cbdd3671a78c4febdb7524d99510f3b4d3b74c18a5feef64654b17eec6349ec
0d06a11ec13300476554bbcfee505e6bd5f58baf797709418e25faf657c1a642
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993
11d6fc441effbdb2982f6c2173b2cc3de5bea1776bfa85cf1a0650830e6c68a4
123e79062859f4cc87e967e4c3c7fb788c76015eaca76086578db67d89bf6359
130b7819ada9d9370881235a1ca9d2437141714b97418e00d081c773058ed802
13321bd59f97af3b32bdb3f62cecbec8c469c59f180aa6fcc256bd07d06752c4
1368e5ddba16a76115a9c485ba99b475ac1089cc86e9304bab52f880fe3e0e99
157318bacbdde43ab90574cdedfaf4d56ea93ef4f6d5051872114b90066474ad
165196e5cd4cae25ba97ba908ea650fde4c87a78279ff5d4a33c38024d7b9e6b
16d320316959c464d4b0556b4b11ab001dd01f5244344b521252fef09b154a74
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377
192df54fe2ec49451a972937f38c82378b1e7e6ced29621dd00aaed9fb24d557
1a06e147cfc5cba1b8b0ab97b52b5a5711f754a8fcf370348919fd7a26de8d38
1a2425e8a1c28da595ca2691e04b33f4bd044372dad6abd3ac5caf6b4c8c106e
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8
1eb1ad52e9104b08bf2d36b7f314fb7b0cc0271431ba238629deb3db4af14271
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1efaa7bbf3e72a3670cca2981626878532584aca96c43a29fa03d638c2b7052e
1fcf61fec10047e1c6b04098c52ce12d99adbd367e58ff141a547d73e7787401
21eca2934c9de2dd70b6f8b2e5ed5450319b745c1b09aadd1db8585c7ef7abb8
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
23eb24ef77b1664d5b123463d82a89bb52d0fa077bb205611682bbc0094ea82c
24cc446819c63f67b0e42cb62f581447d60af76d17f304dfddd31bde8108d137
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28b1c2aedc87388efc3f714ba2caa7908cf8e6e6fa5f3f80332edc4705d43f38
296937a07275f36035eac29734ab659b098a874d843c66e35ebef458dd5c8ee6
298b3a852535f1d2efde755eefdf0164d703bc54f6c0ef3072cfb105a1e5e0d3
2a48454e324f1c09ade5eeecfa8cc16abf0da783a77d9639f4a4e112c01ca5f0
2d6e6c8a1071aae65f4a9c782db1199e21f1f2eb823603bb33a850a66276e0e4
2dc5059b2f1e55a338bc7085341ae5511b80c51847ff92244a2782a7c5b7417c
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e41c837b41e76f82b059aefb2760c06d25da6b16795539f617ad71ed35b5db8
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176
2f52c83d011c40ab1b778bd0f6149e2065c85248d97c472dbeea3bdeb18d77d4
2f940535356fd21d81c65c9fa87d37269359bf43105d53aef61f185edcaf5e9c
31a0c396eeb4303afe043c14ca0c26e3efb383db9571c3021228468c34cb0724
32d31229c744fc8f03a63da695b33c488756d43e2b2c0bf056998dba23b560ee
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea
33a65f3f35748bdee065a31de91ca731d9fc3d3997ae7f43088ecccf611a2339
340700e051b71c0cc9ca6574192583b6d16fe9f5a66afb1ae07a22e7de394f65
340f9c0f06dd4157c63077dc388cbb4b08da130f2e76c6910fc4967444e6cf92
341d12c3f0cd75cd5719a0a5ba699e9f201a9b9b3de1cce52bd134213a0bc3e4
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed
349290f0c46886bf1de4d4b5d59d24ca740859d4493f9fe948d2e6857705a68c
3505c3c14abc678d48a3e4667df2e0c350b15a66790162e68d81cf0bae5fde0c
350a65b18442a1ffa0449a9bdbb9eb937c6020fb2605178e73ac1b3ead2e56a2
354c4b1a9535b7673c1157272e3cd0f1f067d9a882361fa3d74f9f2f2ecda958
3821fb71b3f71bcee50d9e3875b88aeda054ffebe2d854d6df4fa91bb3678cdf
3869145c734135dd43b803529a711d2662d1c11c1bef313af5cd188c1cc40297
396f571ed075c09f163af863b56882ff197aa0dc8d9a51aaf1a401b6dd6e9e77
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c4b41b93f0873e5ec379c5af6650c0159ddacdfaf4bcf4054f2666ac656d43b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ea55154ff0a67115c641dc001115d6983429c0b875a0908f3ea440d7e1254ec
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0383930d0dd02a80bf5ee1aaf833166e6e8edc46a10d6f1a72b6e7cedbfac6
3f8b1b7a3b3c9d91b1e862ee5df97d391711977d35553da1e6734b29fbe6f665
3fa76122a388b4cb395fa0146880ad82c029f47f602e2e23d143f8a0f9ca28ed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40572149e4510bdb15e75a66743498c5bcba5c3975ba2d34419aac7b06d36a9a
41b3f1c889f7cee62afb38840397e2e11f33b90f65cb95980f135040f92a9c16
42c000acc96ffeaaaa5358e898f2482b48b2c1a778ba3470a05d68ecdf122805
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b
43893511a5f10d80d0c6de28724e59a3623fadfe5c7a2343d9eb5ccdbb3da061
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71
4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1
45f923caa6e7ba7da3907cf387922e1c992acb8b0f9df52a700d928e62c08426
466b1afcba408c2cf0cc1535af407203c784990b57521fecc26bb12f745b8700
472bf77b7d6b7b1e16b99b001ef20b200ccac194c6e4decfd49c050488ae69b1
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
488787591e825d9481747646a80d3b2e0ecf1a68675439beb2f61ffa3521b6f8
48b73010b783a8a7f6350de94bb976e2bab025a75bc36d5a975c42b3775994e1
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed
4b0cc00e989a9c02a5fcea4e4dde896eecd27e592c2764802ebcde76d4c6821e
4b8d4b7c4cc6755eae89612ba8b0807c2461d2070e88035c69ffe64681e8a446
4c31877e81a8a7730e54f437c113dbe72981d148ec0db76867eab8bde00a7c19
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d8de01ad29f8d43c9a8639d185fe4dacc10fdde514e6898b43944e0617960d9
4dcba414b1c25f5aee596e1838649955c29208028df62248eaa9cf57394ad70c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eccca0ba4ffedeaae12c42d64844c35669f4a28229afbfbb3d3aa6a119069cb
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f89e482c45014d4cea6e1b494c2a9776fd61d74aff9c7d60eb418ed0528cfb5
513d92d69cceed853c01ddcd1ca46ef098fb1ade3b4e03293347481bee0e18a7
51e9626fa33eeb2e7392bdbaa9103ae5a47e647530211f4e046560fc5ee08a18
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53bf676d7fb58887b9f4c83c1330451e2b01f1a0863284c5fb4e8284b9a87d8b
53cb431ede15aac99c284dc42ae448e7606e4c15068f50e3a062dc1666ef86a0
53f0d3ec31993f75aa6a5135d73e4c138da6eb0bf61c437b26a7acf4b9f61949
541b8820c59df0c1a8112dc7d874a3d1518b293bb3c9550806dd0eff76e81345
5443de6325c7273f8805a370e3a384327134e8c288732bc85e7064147bce9e8a
5448767f1bf7f903cca0dbaeba86a07d89f36c103d48e36421d084ce240fd0bc
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d35a5212c368be4727181ba049a9f587c24af4e8925e1a87dcfe2f19c6116c
5628229884a0fd601c319c1e67e71b3f2f05d3ebaa31c5adaeadf3580935d614
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930
570b35840570fd15482505125fd5fec8c3de8529aea4bead3a2de44e42c5898b
5735c5584b89a0e8d18661ed358ef81df4ee0fc54b318ae5f01f008352c7866e
5808d2fc291af8ea4438e34c55c6f4f1e48223a33e460b2fa16dea500b77a7da
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee
59682b34a53a47bcdda550d4a47f87240464ecd593b97681bee9a5228edbef0e
5a7415a6ff0333095839423e485a0c336a6eed4ce10d6784ec7d2ed8e22d16f8
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422
5c045a8c5c1c36e4927d7dd41b74da523935c54931e7f68e4d6741b2ecb0cb50
5fa9287ab474c0ff4ee70e1c3aa357e5e6fd79acfe9d51a76e4f573b7b7f7f3b
5fc26736b382f47752024d61ca953d665518d12cf30eab84d754e60019f82354
5fffd9250eb035adc0d58fad67204a455b165a466536577cc25617e6d7ddb28c
6105f4e1b44b163b380cd3e96e91448900b006026415bfe057461c24b30b587d
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1
61bd8749933e2a9488be8ca1bcf799898eed05c9cb4029aca7ed711288edb75d
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b
62f3ac28c0d5075ecf4c13c999e87420f6b448b8f5c9045e467f30a6d24609a6
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
62fa333d425bc05720d7bc033a697fd322a2deaf42d775e360cb7d4f5aebc507
633967c8d74cf592ebb7ba7fb9bb2e305f1cba0c6321fa86a7b850f5b16fa0bd
637cdc836b3fa959f7edabe4148bdb1c02d997cc95c2e03b89b4ebafd5fcdb9e
6450c8a6c62eaf1fedc6484d92ef795d92c41e617693be348a90d22d7d45726a
6470613ca4a46ee2e14b1315f174db1726a06e40d0cd518aab5b4352930d128c
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
6628bb38dbad40075efa498edab7f3583f6a7ef5d1ab05379b8bc102d56cc4e8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68951ae0f2153142736e93e67554891f98617c6658d52c4e6098ad6e675143ed
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28
698ff2b16e47d4d2942f8dff699a1f1e0ac91ba814fb3dbe998114b69056447f
6aa34a54b7508314a0fec7604f3c0eafd8f7d51943eeb8f5297ac0e81dbce9da
6acdbc137bcb42eb192ecb4b7f44e294caedeb17b71aee0d2bd3179db6a9b4e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c4963d23c51a039a86838e86d360f4e715a5bfd03f8e8e4963cec537eb8ded8
6d43018113c5dc037b8a1c1bfd256dac3c82d2660c1d6a535a5e5e671eade231
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c
6ebde7060dcf9c2db0f9d8120e37ddcc61a0039b3df9ffda4b40149a3c4b9cb6
6edca8a6db0698387f2044d4dd85b6f006d641bbcb14972cd5358d6629c5c768
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7231a226beb47df9d7fd239300acd08e7a625da4515e6cdd96d779e463c7c0f6
72d1b7839c0e3520a08b51b21071cdb388a474509bc887a2b1d3fbe59b5f2939
7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2
7366ee4721b164427706441c07c16ab00417d713cf374ac2fc0964d0b34a1030
740c0c7594e6e2a789241e22ca3f7172865ecf162966316f7ce72abca2bf32e3
7437a15e788cd39c4ed502ae5624e7e6080fefda5d718e97ab056ddf76943efd
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5
74b53792dcfeef77b16ae2908178498ea57e7ad0f89e5aacb9d13f3b623cf993
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
7585e4b54edee5dd7ecb17bd243463a8647ff6c6cf434cedd242eea88f4d087c
767f83c8162751a1fd59814cd37e3259b463e57a94e8c53dfa42272080a7b85a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7
787723bb60da6c7749ef7c1e32c542e9fba84b07dd132b3d35010d0c65930520
78a2b84143ee8dc53f94e2e2d77b1930e1d6b2bcbc68d803b1f66231b537a774
78b7236e2cd78ad5a0c1e6df5502c708951d4c209b6b308cd697fe3aaa4dea4e
78edd19a5f2a3cbb51e5a1f3df7b5babfde5fb3bc80326a03dc8b2d18af828c7
79cf4a407dc82dc566f601ae4a95ea1b6bc05a7ca61da29a8323faf215210e14
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675
7bfbc44f1fd50ccbd8686d846b4b6d7c0ebb74ce8e3d2c1eb677964dcfb97cb3
7cd604da69fa174750d03671925fb32f2f105a3eb11437fe2620f15ed199b6e3
7d3fdf9a5291327ddee7d1cdbe8b5cd2a453cb0c2bcfa3698ebb9aace920d50c
7dda73635a0b6baef16331da9c1c0e0720a2630bf932ba13c343e91c40dc26af
80ae3df00078545c5cc27477007822c75f1d659d3e93e41de0358fef10f7210f
81280429eeeaf0ccf8c1d1f0fc88a2ee1ac2bc3fb4726cdc4b205a9291a47a27
8193fb2c907238ea55eada1094dc96084b405acc7b27b9f07a59485847fb74df
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
821c34d21b6bcfd65b594018bbaf5a32149d24b23ded63b5f83f5e550984e138
824dc2e405c8a9efa591855e9f5fbf3d207421989d5c771c5d3b6167a8ae7cdc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31
8484be3a358cf9146880edfb2f879e72ee66cd535a4ca8d1b7f4a2ecaf52758f
84af1033b3671c129e4adfe9036316bf02e75b0f5f2ab60256a52fa2977042bc
84cd6a23d847207eb22b37c64936ad869260857f9e278ba9aeb1bb632eda7bfa
854f4f20f25474591f4c4400518b7a65b0c99d7e570bd23cc1a9705a3e560a49
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85cc4a967e618610bff0596e4225f80ef4b7a54ad64c8d77e4f25abdcdb6b218
86919a5ce3908f8ef50e38fd9d37c9a57dd7ddc10d902fcea4d3b7d1955f786b
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d
876f8b87b310bf66cb4f564912ee786558eb8b302d8ed92cd1b77483063f135c
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
882441b5453d61d492bd76c8101b6f83884902ee7a86741d33f94ef682e35f76
890ca49a0f6c23602c5c7ab839c3965ed54329f638ea58f41e569e0c84bca09d
89362be4dd30a8430ed44d421b6060fd94b488dfcb1f89da2f796d883bad53d8
89baa1b4b97a811a6983b0fb239f2df4736f6c2a17b74c639246672740a8711c
89bf37d6f4e3726d63d0f0b8af1b4da7a90a0e87f99252956a40f00508c2353f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242
8c1c5ce09e1cfdd6e179fa798dec9b0324b3e79f4c78ee9c43d154f50fb5a66e
8c552f6d1dd8ed0e9a58c57ca1c1ea6a1f818d69fe54745504bae63495bb3650
8c8e36090b0f56f14eed4abdf00aaf61850f18d07ea2d81aab3ddd3846c6b442
8d0f6e423ee48a9a0cacf1690e40ea49fd4ee81ae7017568ebf57b6a299798c2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
922bad42c36ff9c7b033f2662fce8892a58d54ec3b13433630b40e6e4f4195b0
92a8dfddc9a488d4605d9d6ca64b86bbe16935f258d704e80911a462a57b8edb
92ea371b097a7ecf7094f09b87fa16b74afd4c1d482c0aafd9b69f47d64a2df8
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9432dc074b4f5712a455be9eee14eb96d2f55ace2ec88a11d31b63704793234e
94472b67a72a6e77e8421965e7cc558f19aed093e270e4609fcb37026e77ed13
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
951b7d63c67a14bf5fb41581a8515353f456724c9eca4aaea220315c913a07af
95bdb044ac1a7997502d29d7afdb09982d9d761043eb48fc4f9bcb94b24cfb97
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1929e565cea2a007edfeabfc4b01a705b43d5dc9818f33eba9b3c80bae03c4
9ba886c2761575268064b4c00f247d34c0a5d7da9bcac879350abdbcae0fb27b
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a
9d019fd7e80d10fb4d8a651c715791527636e1027510a2c91b47294d898831a4
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9d2bace3a9db8665681e2bce85210b9c5402fc3d9e7e9792e7bb0c187790d8ab
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5
9d6e5a71a4d31d0b227fcaceced2ec1f080f11753c73b4c294af89cd7f4d9ce2
9e2e36e6e19eac1a4280087e625d7f69ad75aef8f0e1ec83a5275a330be06187
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9e56273d5c90b208cf3534dc308bf44da3acbaf53b79864b0bde6ce0ceb86c05
9f449541930dc8900ab0217a894713d3ec86f5b3383663b3f618a939963c6ae1
9f933253b5f461d127c13675c5423bbfd8a9ac5d2bd4fb629a141767f16bb7ce
9fe7ea8e8931834626c3dd536ea876046750408bfc4bd682bd0eb8d937bc888e
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0613995406f04b7c009012e2fb47977324e204f63ad3772049eac8ee4326655
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09b5e91316f95d3a2041a7afafb859b2d2c489e0edef49edb38ab467371c76d
a1141a71ff46a7ece7c7dbb531cb2b57e8a4a6ce75f6792e6eb807adb16fe59b
a1bce3a073420ffcbf5ed7001270d7ffa577899b47c0632be0bcaaf3999ff4fe
a26e067834e18dd1bea3b57416a433c8934b93df99bd733a0885871ff1c13cf3
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6
a3982ebaff8a57748e4f5d30e4267c33ba21d8b861c12c03329f11d74e83bf51
a44a174a28b0a6e653c5201486de98c026d8d95833c2e333fbd57481736523e1
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a68862c1f5de50b2e8d4b7793393282ef5b872d198523bd3c741aa254bacb463
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9d2fcbe9ea44e132a6a3981d0669130e322cda144e0d188eb19e91763615beb
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41
aaa1e213c95a21c9432ab75c3ec6b1aa17e2856eef68375a102516ebaba469fa
abe87445e2b7af2e7621b6d388e56c6bc6a480b07730e8e0288dcf5044a36912
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
ad1c4b815f05957ef937c30c713c9d3ee412d21021d5876ec8952ff6b493043d
ae69be93b147b0c410ac3310c62970cad5c177516dffc0877241ba3a16bf0889
af2c0d167feeef52cf8627ba172ae8d076ab4d1d0bbb101a42839ce160fff7f9
b006688d3d0e75e29f0e9ca9604e36564ba59cc29391935901af7cd0227a65fe
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b19e827414388e94fcc2815c445a4932d8eccfa009466979f46d51663a270dfa
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6
b69300546b7e4c3652abb6efd24e614261049e04f01de0f3dccf0c58499924c8
b6a7f90a6ceb1c93e4d283e9b1b7efba5a2aaf60d89340bda202154c493ea0de
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
b86b8cc713fda05d14a164b04dc278ea91cdb27ae3ccedf704bd87d88336896f
b88aaf47c57619eae042d8b5ef05654a5b6ee5bbd054dc0eca9c4fc23a5f15cb
b9946dbce09bf771b0ed1b204c67730897acf83b0c7c0bd3631caaf814854ac1
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50
ba4becbca672e57fc53fda209b9497b26a0b1cfbc69f442074a4f3bb4cebe766
bad420bc6de1fe9379cb6b2231bbf07e285c540041e25c69c5bc882d8f166ae7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be160224ca14cdd17bc30739c6f854d3b127ba64b47066279e59de81bf618a28
bee9159552166b5e8d7e038566cf414d4f99004a61d9c6abad6f57a625c10fbf
bfb8931c4f15083a4e3c005fdc87e55cb05ad0b675f11c3ae0c176c5e1ea8146
bfece4033042c3537d96a8ca45d9b8bba03ac119f8a5ee994c6bbe96d42f56f4
c04e240b96cb8f81323642ee2dceb424aac8b7490bce171bfb31a73e83b1fa96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c383852daa607bf6ac148a3108eb325cc71a8f103fda6af7db0b56a4dd91feb1
c3895e64602fd825bdce8267682308e5ec345a6a7eeb9650d02b98be3894389a
c419aaec18698bd737e6303abe5f7c5268c5f2c85cca51840f76ed947c1dd2e8
c4e82de8cce43e044222d5bebee0e97330f4501093ed84dcb0ab929f59e45ac8
c66923ec9e529b5d9c37149ac6c5b1332890e249521b72dcfe5c1dbe436d5d1d
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
c8afb0845c530fb78990eadc29feecd715697189417614dfc9bea750c3e7d5f0
c962b1cefd18d919e859003ad945d808ef469b0d9504b3612e72cb1d0080118f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc539005bf46fd579c14b0090980c2f85e17299c3f1776b890c3116275d2bbc9
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ccdcac49567850ffd4891e52abf3a4a04a2620267f9b0f4cee113506e0d2a733
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cd69d14dc481a8975c0ab1f770daee7d7d44bfb3b502cc5d2851ae3a51b63a15
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6842676c903f3d51f15aa0fb7d6af85a3d2676ea4833006fbd7d6ee019506a
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d174561c4b954fc0c6ccf7fe2732844cd18adf641d02ffc016b4a056eb845420
d1dbe32c51384fa179f9a4b71c915f2da7bdd318d89a1527968479b9c2946aca
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09
d52376a3bcf8675bc002b4e7f991cf9fa2fef730c41f8623a77cb4ccf3263b1c
d67130baf4b5550cdffcdd1f25317766d4334ecc55eb689c8c2ece81cefa134a
d6b0da0d27f28a2faa518904185a1749b8ced8c115edccf714fc7226f0bf6877
d7011da3458e6933b9da7c313cad581c528bcef9d88d1cc2452e212e67cdcccc
d755760a25a3252ba4da7d35ecc29e8386e192f0048ca4c0fc1ddd0eebe2e514
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc267fb3b378db4dc4baef252937a10ff9e066f3fbd9834fd5fdf2d5d6c7b635
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd328e7e0c393ce35d104bff533a55bd63990581b649c3135244c7c07f9201d2
dd4b226598cc41701660f6a23258e866a976cbe7714359b3656e6f1017b1fd27
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
deee441222f235a938a5f9cb539e54ae4c843da183616ce60757418f63bfa4a1
dfc6371ec0b0c5c350d61bb8f0e37ababa58c5b73ae4217f6f018a7d0f3350b6
e1cbb5a038024ebacdaf67895a34f30cf1436c547edf4332ab6283ca4b6508be
e2047e0eedac1ff5ff206229050768b94e116cb0dcbc9437407cb2408030ac99
e238f77901f35afd58bcf5e39a6fa4d6088c5ecb124e744b4cc84c901b815bea
e285276284316eafc148388dbed88329f376f0856d4081680649d954687d4746
e2fd6d2f21d1ce1a965ef59dee0926b40f0b07c3f94d6780b22c4263c398e4d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d319688fb59ed25a3e9fd36d5aace83de1fae50918e135c6802bb9dcccb36b
e44f20ad1e0415f23d5cebd0f4c329f7c6b6ede0e628781ae82c392d6b09626d
e573fed8218a29803c9417b297cab4d28589268a8444836722c383559b70c572
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839
e719a48e1ad38d521e2529d3dc19dc631932fc06ec8c1faac647399697ce1a83
e7c6bdfe1e2b15842f937a73a08b41a987c725dc0788c7e49645643de6ff37ac
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
ea06294b9f60cab9b0659de0b93fbbf8c8fb0bc302554163534aa2887676ee96
ea78c5f1cba3167ade713e23c630bb56c83c30483b57db9552c9ef1446da3b79
eb3f623b60fe8fff9b7f92735e06fd2a8d6142aeba28bc80af83897149ad6f02
eb3f7ec2c09e15dbbff1fd0d37dbcbe3e1831e7c99367dd844b82fa6d7aedc55
eb529572e8303d0a62213e86419c6f4b1e816b510b8655dd40453e95bdc3eab1
eb5452a94fc36817c3c0af8d5695cb2419c5ca657cd2c96bb7fd716e0b357874
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ebd470b764650210102d5e7f09e05ab1a4c2f355f0ce5737ce4431a34f79d93e
ec80f85f672f96da15a544223ba5aa6c710ce748622aec76d76220360c84c36d
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eed789e7449cadf4d11e454a10e13d0b033216042c93858f45e63a012c57b928
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef87125e3f6d1d7c2f83f656d6ff8e4a874a17673c832587e90cfa2eee7bcb05
ef9d1ad0738b997a76c13bbe3ea378b130a01439e5c7a02bada840eff6a72206
efa0c9c3494c8636e078817120effd662d209825d2a1bf4ff1fe6390774231b1
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f210906d5737531eada757253ca21b6b158de18c821a4bc85c4e469daac13ad5
f22af0f8a7ea5cd96f9cecf33dfdb62fe27a01c293c056d7cd7fcbcb78c2ef77
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3a0d2f38d685d851b145a4d96eecfc3455cb9ef002115e46bf8f7c8208cec8c
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58
f6401ee350fbe9fda8b1e2cbae78ce435d8c1bb1c1bfb514ec8855896211b209
f731d2d5d7a241d8c9dc5d90ebde4f99be1c71da804502430c18907312e2680d
fb292d07922eec50918b939491aed7f545e7c3668af756619dc472cc0a8be8c3
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20
fd43d3dcc18f9ee94050f3591a4aff438c71000950cee843eafe3cd9720ef692
fd56632b4b07ce2bd408199103760876ef5366d846cdca5b184e04f456eb21d0
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49
fe40e7a743fad22ac7f7ae610963c6d35ec483d4fadaf4368dadf4857f630f5c